Blockchain Isn’t as Unbreakable as You Think

DescriptionSometimes it seems as if everyone has bought into the hype: Industries as far-flung as real estate and diamond sales1 have embraced blockchain without entirely knowing what it is or how its most vaunted features might fail or have unintended consequences. Blockchain assures users that once information has been stored, it can never be deleted or falsified. This means that when people in finance, say, pore over the history of a transaction, they feel content in the knowledge that illegalities have nowhere to hide. It means that people in the supply chain of a product trust that they can check its provenance without fear that misinformation has slipped in along the way. In essence, blockchain promises not just complete data security but also something more intangible: that we will never be conned. Is it really so important that we understand what’s under the hood? The truth is that blockchain is not as secure as it is believed to be, and its features can rebound in unfortunate ways. In research I conducted with Jae Lee, described in detail in his graduate thesi forthcoming paper for the Cybersecurity at MIT Sloan (CAMS) initiative, we cataloged 72 breaches between 2011 and 2018. These breaches cost users a grand total of more than $2 billion. Many breaches were possible because blockchain is actually vulnerable in some of the same ways that conventional, centralized record-keeping systems are. The rest are even more troubling, because were able to exploit the very features that make blockchain revolutionary: transparency, distribu anonymity, and immutability. In this article, we will look closely at both categories of vulnerabil organizations can weigh the risks and decide whether to make use of blockchain.
AuthorsStuart Madnick
Date PublishedNov 1, 2019
PDF Versionblockchain-isn-t-as-unbreakable-as-you-think.pdf (338.8 KiB)