Online Guided Learning Assignment

Student Name: Charumathi Kubendiran

Student ID: 2217687

Introduction:
Block Chain technology was invented by “Satoshi Nakamoto”
during the year 2008 for the purpose of bitcoin. Initially Block
chains were used only in bitcoin and at later stages financial
institutions, health care industry and supply chain also started
using Block chain.
During the early stages organizations will use ledger to track
and record the expenditure, cash available at hand, balance
available after expenditure etc., if the same thing is done
digitally without any bias to the parties involved in the
transaction, then it is one of the aspects of block chain, in
simple words easier way of doing complete transactions
without dealing with banks, third party applications and online
wallets.

Blockchain and Cybersecurity:

Block chain is collection of records linked with each other
(Blocks linked) which are strongly resistant to alteration
protected using cryptography. At times people might experience
failure of normal currency money transactions due to various
reasons like technical glitches from bank’s website, Accounts
being Hacked, Daily Transfer limits or withdrawal limits
exceeding and higher transaction charges to solve all these
issues crypto currency came into place. Crypto currency is a
digital or virtual currency which is based on blockchain
technology.
Crypto currencies cannot be counterfeited or duplicated and
not regulated by central authorities which have strong and
simple encryption algorithms. There are more than thousands
of crypto currencies like Dogecoin, Tether, lite coin, Bitcoin etc.,
Bit coin is a most popular crypto currency.
Let’s look at an example of bit coin transaction between 4
friends Peter, Harry, Sam and Jack. These friends went to
restaurants and Sam paid the bill and all other friends decided
to split up the bill. Let’s assume Peter, Harry and Jack has 3 bit
coins in reserve and Sam have five. First when Peter sends two-
bit coin to Sam a record is created in form of a block containing
the transaction details between these two people which is
permanently inscribed in this block. The records will also have
the number of bit coins each person. In the same example now,
Peter is left with the reserve of only 1 bit coin and following this
two other friends Harry and Jack send 2 bit coins to Sam and
these transactions too will hold all the transactions as well as
the number of bit coins each person holds. These blocks are
linked to each other and each of them takes reference from the
previous blocks for the number of bit coins each friend owns.
This chain of records or blocks is called “ledger”. This ledger is
shared among all the friends which is a “Public Distributed
Ledger” which forms as the basis of block chain. So now Peter
has a reserve of only one bit coin but what happens when he
initiates or ties sending 2 more coins to Jack then the
transaction will be declined. As all the friends have the details
shared which will enable them to flag the transaction as invalid.
Hackers will not be able to alter the data encrypted in the block
chain because the users involved has a copy of the ledger and
the details within the blocks are encrypted by complex
algorithms which is made possible by bit coin technology. Every
user in the bit coin transaction will have two keys, A public key
and a private key. Public Key acts as an address that is known by
everyone within the network like email address of the user.
Private key is unique address which is known only to the user
which is like a password credentials. In the above example
transaction when Peter passes the number of bit coins to Sam
along with his and Sam’s unique wallet address through hashing
algorithm all of which is a part of the transaction details which
are encrypted using encryption algorithm and using Peter’s
unique private key this is used to done digitally sign the
transaction indicating the transactions was initiated by Peter.
This output is now transmitted to the across the world using
Sam’s public key with which the message or transaction can be
decrypted only by Sam’s private kay which only Sam has
knowledge of.
Different crypto currencies different hashing algorithms and
bitcoin uses SHA256 algorithm, another famous crypto currency
Ethereum uses algorithm ETHASH and these transactions can
take place all over the world, validated and added block by
block. The people who validate these blocks are called
“Miners”. If a block has to be validated and needs to be added
to block chain, Miners have to solve the complex mathematical
problems. Any miner solving the problem first adds the block to
the block chain and is rewarded with 12.5 bit coins for his proof
of work.
The process of solving the mathematical problems is called
proof of work and adding a block to block chain is called
“Mining”. There are many types of block chain based on the
participation and be categorized as private and public. In Public
block chain networks, any user will be able to join and the
participants will be ensured of their anonymous identity and
allows them validating the transactions. In Private block chain
networks membership and access privilege confirming their
identities is one of the basic characteristics and also only
familiar known organizations are allowed for participation.
Knowing these will help us in choosing the right networks for
our business organization, for instance private networks have
tighter regulatory controls and compliance concerns when
compared to public networks. Public networks also enable
decentralization and better distribution.
Cyber Attacks and Security Issues:
Though block chain seems secure with the distributed
knowledge and the details of transactions cannot be altered it
does not ensure us of safety from cyber-attacks and cyber
frauds. Some serious security issues of block chain include
Exploited code for instance when a programmer was trying to
fix the code malfunctioning and an hacker began hacking the
data of decentralized autonomous organization of ether
collected from sale of tokens which resulted in loss of 60 Million
Ether being stolen in just few hours. Missing keys is another
security concern where keys are stolen prominent instance of
72 million dollars stolen from Hong Kong crypto currency
exchange Bitfinex keys were the probable cause for this event
causing such a great loss. (Reference: Clare Baldwin, 3 Aug
2016)
Hacking Employees system is another security concern for
blockchain which happened in Bithumb which is a fourth largest
crypto currency exchange located in south Korea resulting in
loss of Millions of dollars and by compromising the data of
30,000 users. It is clear from the above examples that block
chain is not completely secure. If the hacker is able to achieve
50% of the network’s computing power, then he shall be able to
stop the payments and new transactions and reverse the
completed payments when they have control of the network
which is a big security threat allowing them to double spend the
coins proving that major crypto currencies like bit coin can be
damaged. Though these issues are sorted such threats can
prove to be highly costly. Many popular crypto currency
platforms have faced this 51% types of attacks in the past. Such
platforms are Ethereum classic, Zencash, Verge, Feather coin
and Vertcoin causing losses of around 20 million dollars
(Reference: Elikem Attah, Apr 24,2019)
All the above instance shows that certain control measures are
to be laid like improved monitoring of pools, higher hash rates
to be refrained for proof of work, routing attacks, monitoring
the traffic exchanges between bitcoin nodes. One important
factor to be considered in routing attacks block chain security
lies in anonymous identity leaving the block chain participants
unable to find the routing attacks as the user end will be
normal. Routing attacks usually leaks the confidential data and
results in monetary loss without the knowledge of the network
participants.
End point vulnerabilities – which is an individual accessing any
form of data from anywhere, most times hackers try to steal the
keys and the best way to get is to attack at the weakest point in
entire system usually being personal mobile phones or
computers. All end points provide an opportunity for the hacker
to access the data. When a device is exploited then hackers
piggyback the credentials and does damage the network
system.
When companies engage vendors in deploying third party block
chain apps and platforms then we are not aware of the exposed
and faulty vendors. Weaker controls in vendor systems,
personal vulnerability, malfunctioned codes can lead to client
exposure as well.
Phishing is also a common mode of attack used by many
hackers, which is an attempt to obtain the credentials by scam
posing as a authorized user and source. Usually, fake hyperlinks
are used for phishing attacks. Best way to avoid these types of
attacks are by educating the users and framing internal
organizational policies.

Conclusion:
Whenever there is an evolution of new technology it will be
also followed by various security issues. Still Block chain
provides transparency and high level of security to users and it
is the responsibility of the product designers to consider the
security right from inception. Knowing the vulnerabilities of
Block chain is important to create better networks and systems
which cannot be compromised by the hackers and security
threats.

References:
➢ Clare Baldwin, 3 Aug 2016 - Bitcoin worth $72 million
stolen from Bitfinex exchange in Hong Kong
 https://www.reuters.com/article/us-bitfinex-hacked-
hongkong-idUSKCN10E0KP
➢ DUNCAN RILEY , 05 July 2017 - South Korean crypto
exchange Bithumb hacked, millions potentially stolen
https://siliconangle.com/2017/07/05/south-korean-
crypto-exchange-bithumb-hacked-millions-potentially-
stolen/
➢ Elikem Attah , Apr 24,2019 - Five most prolific 51% attacks
in crypto: Verge, Ethereum Classic, Bitcoin Gold,
Feathercoin, Vertcoin - https://cryptoslate.com/prolific-51-
attacks-crypto-verge-ethereum-classic-bitcoin-gold-
feathercoin-vertcoin/