• About Us
  • Careers
  • Contact
No Result
View All Result
Sunday, July 27, 2025
DeFi Planet
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Markets
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverses
    • Glossary
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Markets
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverses
    • Glossary
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer
No Result
View All Result
DeFi Planet
No Result
View All Result
Home Articles

Security of Blockchain Platforms

9 February 2022
in Articles, Blockchain Fundamentals, Opinion
Reading Time: 8 mins read
161 7
Security of Blockchain Platforms

Contents

Toggle
  • Introduction
  • Basics of blockchain security
  • The different types of security by blockchain types
  • Some popular blockchain cyberattacks and scams
  • Methods used by fraudsters to attack blockchain technologies
  • What’s needed for a secure blockchain solution?
  • Blockchain security tips and best practises
  • Conclusion

Introduction

A blockchain is a distributed database that is shared across computer network nodes. It is a database that electronically saves information in digital format. The information is accessible to all specified nodes or members, who can record, distribute, and examine encrypted transactional data on their blockchain.

This data is kept in “blocks,” each of which can hold a specific quantity of data. When a block reaches its maximum capacity, it is attached to the preceding full block, forming a data chain known as a ‘blockchain.’

Each new block of information is linked to all preceding blocks in such a way that tampering with the information is practically impossible. A consensus process validates and agrees on all transactions in the block, ensuring that each transaction is correct.

Basics of blockchain security

Blockchain is designed in such a way that it allows for minimum trust among individuals. Blockchain security refers to the risk management system for networks and methods for mitigating risks related to fraud and cyber-attacks.

Blockchain technologies are fundamentally secure as they are based on consensus, cryptography, and decentralisation. 

However, this does not guarantee that the technology is 100% secure. It is still prone to cybercrimes and manipulations that can cause damage.

The different types of security by blockchain types

Blockchain networks can be public or private, depending on who can participate and who has access to the data.

 

Public blockchains: are permissionless blockchain networks. They typically can be joined by anyone. The system is decentralised and does not have any authoritative entity. In such a blockchain, transactions are validated through consensus by internet-connected computers. Bitcoin and Ethereum are well-known examples of public blockchains and both achieve consensus through mining. Miners perform a complicated cryptographic task and validate the transaction (proof of work). This type of network has few identifications and access constraints.

Private blockchains: are also known as permissioned blockchains because they use identity to confirm membership and access privileges. Only one organisation has control over the network i.e., forming a private, members-only network. The network achieves consensus by selective endorsement, in which only recognised users check transactions. Members with specific access and authorization can maintain the transaction ledger.

Private and permissioned networks are ideal for compliance and regulatory reasons. Public and permissionless networks, on the other hand, enable more decentralisation and dissemination. Hence, it is crucial to determine the type of blockchain that meets your specific business needs.

Some popular blockchain cyberattacks and scams

  • DAO Code Exploitation: This event exposed privacy and security vulnerabilities with the Decentralised Autonomous Organisation (or DAO) blockchain. While programmers were resolving a problem with code malfunctioning on the system, an unknown attacker started draining the DAO of Ether acquired from the sale of its tokens. More than $60 million in Ether was stolen in just a few hours, and the loss was especially distressing for DAO because it amounted to more than one-third of its overall value. The primary reason for this incident was code exploitation, demonstrating the vulnerability of the blockchain infrastructure.
  • Missing Keys: There have been cases of bitcoin theft, the most notable of which occurred at Bitfinex, a Hong Kong-based cryptocurrency exchange.

The total amount stolen was close to $72 million. The most likely cause of the theft, according to investigative reports, was either stolen private keys or personal digital signatures.

  • Hacking Employee System: Another notable example of blockchain security vulnerabilities is the hack of Bithumb, one of South Korea’s largest cryptocurrency exchanges for Bitcoin and Ethereum. During this incident, hackers gained access to the data of around 30,000 users while also stealing $32 million in Bitcoin. Surprisingly, the core systems were not compromised, and the main culprit was a hacked employee PC. Essentially, an attacker gained access to a network node, and internal security procedures were not effectively deployed, resulting in a costly mistake for the firm.

Methods used by fraudsters to attack blockchain technologies

  • Routing attacks: These attacks can be used to partition the segment into two or more disjoints. This prevents nodes from connecting with other nodes outside the network. Hackers can intercept data as it travels to the Internet Service Providers (ISPs) and force the creation of parallel blockchains.
  • 51% attacks:  Also referred to as a majority attack. As the name implies, majority attacks occur when a single individual or group acquires 50% of a blockchain network’s mining hash rate. If the attack is successful, attackers will possess a majority of network control, allowing them to reorder new transactions and prevent them from being completed. This can potentially cause double-spending problems.
  • Sybil attacks: A Sybil attack occurs when a single node actively operates multiple identities simultaneously, depleting the network’s power. The primary purpose of this attack is to seize control of the majority of network influence. This allows the execution of fraudulent activities in the system. 
  • Phishing attacks: In this case, the hacker sends an email that directs recipients to a website that requests their private key information. The hacker can steal the cryptocurrencies in the wallet after obtaining the necessary information. These are the most common types of cyberattacks.

What’s needed for a secure blockchain solution?

Consider the following factors while creating a safe and secure blockchain:

When constructing a blockchain, it is important to consider the governance model for the participating members as well as the type of data that will be collected in each block.  This would aid in the evaluation of risks in business and governance, leading to the development of a risk model.

It is critical to understand the relevant legislative requirements as well as the basic security posture for participation before evaluating the vulnerabilities that comprise a threat model.

Finally, security protocols must be developed to limit risks and threats, therefore safeguarding the blockchain solution as well as the logic for resolving blockchain collisions.

Blockchain security tips and best practises

  1. The blockchain solution’s underlying infrastructure should be considered as vital infrastructure to ensure that the relevant security measures are in place.
  2. Use best practises for network partitioning both within and outside the network, as well as within the enterprise, to limit access. To host digital assets for all platform members, the solution must be partitioned utilising channels and namespacing. Namespacing enables it to manage who has access to the digital assets hosted on the platform and, if done correctly and on time, can help save costs.
  3. Define and enforce proper endorsement policies based on business contracts. These policies must be governed by a smart contract to ensure the security of the corporate network. These regulations should, as a best practise, be scoped and defined at both the namespace and ledger key levels. The blockchain solution uses these policies to determine the parameters that must be met in order to authenticate the legitimacy of a submitted transaction.
  4. To manage access to the blockchain solution and data, identity and access limits should be imposed. This would guarantee that the appropriate degree of access is granted to the appropriate individual. The off-boarding procedure should also be described in order to prevent information exfiltration. Audit logs and access mechanisms must be implemented to notify the operations team of any harmful behaviour so that it can be mitigated.
  5. If the company utilises its own IAM system and acts as an identity provider (IDP), relevant tokens such as OAUTH, OIDC, and SAML2 should be used to provide authentication, verification, and authorisation. The consortium members’ status as IDPs or service providers (SPs) should be determined early on.
  6. Use an HSM (Hardware Security Module) to safeguard the blockchain identity keys, and ensure that each organisation has its own partition in the HSM where the keys are stored. Using an HSM to store the blockchain identity keys ensures the security of the keys. The partitioning procedure ensures that each organisation has its own partition with its own admin privileges and roles for partition activities.
  7. For administrative or change management purposes, use a PAM (Privileged Access Management) solution to verify that only users with the appropriate permissions have access to the components. This is especially important given that the platform may contain sensitive information such as payment transactional data for users and members.
  8. API security best practises should be followed to protect API-based transactions. APIs are the primary means of communication between the many components of a blockchain solution. APIs must be protected against unauthorised use and limited to the scope of the transaction.
  9. Use a secret store to gain application and privileged access. A variety of components of blockchain technology interact with both user- and API-based transactions. Some of these transactions are dependent on fixed keys such as passwords, tokens, or certificates. These keys must be kept in a private store, and access to them at runtime must be restricted based on usage.
  10. Use a data categorization strategy to protect data/information. It is vital to identify and categorise data linked with commercial, legal, and technological sectors in order to implement appropriate information security policies to protect data and ensure privacy.
  11. To secure data, use DevOps to automate application vulnerability scanning during the development lifecycle. According to the data categorization analysis, data security must be implemented at several levels, including application and database.
  12. Trusted Platform Modules (TPMs) should be utilised for sensitive code execution. Certain solution components are more important than others, and implementing trusted platform modules in these critical components helps with cryptographic content storage. They also enable the execution of a privacy-preserving chaincode that detects tampering by the node’s administrator.

Conclusion

There is no such thing as a perfectly secure cyber defence or information system. What is deemed safe now will not be safe in the future, because cybercrime is a profit-making enterprise, and the resourcefulness of criminals in devising new means of attack is unparalleled. Despite the fact that certain blockchains incorporate underlying features that ensure data confidentiality, integrity, and availability, cyber security controls and standards are essential for organisations using blockchains to defend themselves against external threats.

 

If you would like to read more news like this, visit our Website.  You can also follow DeFi Planet on Twitter, Facebook, Instagram, and LinkedIn.

Don't miss out!

Subscribe To Our Newsletter

Receive top education news, lesson ideas, teaching tips and more!
Invalid email address
Give it a try. You can unsubscribe at any time.
Thanks for subscribing!
Share98Tweet61Share17
Tezalpreet Dhanju

Tezalpreet Dhanju

Related Posts

Beyond Bitcoin: Why Ethereum Deserves a Bigger Slice of Institutional Portfolios
Opinion

Beyond Bitcoin: Why Ethereum Deserves a Bigger Slice of Institutional Portfolios

23 July 2025
What is the Real Potential of the Open Network (TON)?
Project Reviews

What is the Real Potential of the Open Network (TON)?

23 July 2025
Is Browser-Based Crypto Mining Still Profitable in 2025?
Explainers

Is Browser-Based Crypto Mining Still Profitable in 2025?

23 July 2025
If Crypto Were Just Hype, It Would’ve Died Years Ago
Opinion

If Crypto Were Just Hype, It Would’ve Died Years Ago

23 July 2025

Featured Posts

What is a Crypto Order Book and How Does it Work?

What is a Crypto Order Book and How Does it Work?

byOlayinka Sodiq
14 July 2025
0

Elon Musk's xAI Colossus: What It Is and Why It’s a Big Deal?

Elon Musk’s xAI Colossus: What It Is and Why It’s a Big Deal?

byOlayinka Sodiqand1 others
12 July 2025
0

Is AI the Future of Crypto Trading or a Threat to Market Stability?

Is AI the Future of Crypto Trading or a Threat to Market Stability?

byOlajumoke Oyaleke
7 July 2025
0

What Are DeFi Options Vaults, and How Do They Work?

What Are DeFi Options Vaults, and How Do They Work?

byOlajumoke Oyaleke
26 June 2025
0

source: investorplace.com

How to Find the Newest Cryptocurrencies Before They’re Listed

byOlayinka Sodiq
30 December 2024
0

Read More

Chain of Thoughts

The Game-changing Triumvirate: Blockchain, Data Science, and Artificial Intelligence

The Game-changing Triumvirate: Blockchain, Data Science, and Artificial Intelligence

byOlu Omoyele
30 June 2025
0

...

Are Stablecoins Bank Deposits?

Are Stablecoins Bank Deposits?

byOlu Omoyele
31 May 2025
0

...

DAOs and the Coordination of Human Endeavour

DAOs and The Coordination of Human Endeavour

byOlu Omoyele
27 April 2025
0

...

Should DeFi Be Regulated?

Should DeFi Be Regulated?

byOlu Omoyele
27 March 2025
0

...

Markets Update

Your Weekend Crypto Roundup | July 2025 (Week 4)

2 days ago

Your Weekend Crypto Roundup | July 2025 (Week 3)

1 week ago

Account Abstraction Adoption: Are Users Ready for Smart Wallets?

2 weeks ago

The Role of Real-World Assets (RWAs) in the Next DeFi Boom

2 weeks ago

Stablecoins in 2025: Still Depegging or Finally Stable?

2 weeks ago

Your Weekend Crypto Roundup | July 2025 (Week 2)

2 weeks ago
Read More

Events

Rare Evo 2025
Rare Evo 2025
6 Aug 25
Las Vegas
CBDC Conference
CBDC Conference
9 Sep 25
Nassau

Spotlight

All about Ethereum
All about Algorand
All about Bitcoin
All about Gora

Press Releases

Pepeto Announces $5.5M Presale and Demo Trading Platform

bychainwire
25 July 2025
0

$75K in Rewards Announced for Valhalla’s First-Ever Tournament

bychainwire
25 July 2025
0

Bybit and Tether Launch Strategic Partnership to Accelerate Crypto Adoption in Brazil

bychainwire
25 July 2025
0

Remittix Presale Raises $17M After Revealing Next-Gen Web3 Wallet Beta Launch Date

bychainwire
25 July 2025
0

BioSig Technologies and Streamex: Pioneering Real-World Asset Tokenization in the U.S. Market

bychainwire
25 July 2025
0

Read More

ADVERTISING

ABOUT

TEAM

CAREERS

CONTACT

TERMS & CONDITIONS

PRIVACY POLICY

© Copyright 2025 DeFi Planet

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Please enter and activate your license key for Cryptocurrency Widgets PRO plugin for unrestricted and full access of all premium features.

Add New Playlist

No Result
View All Result
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Markets
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverses
    • Glossary
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer

© Copyright 2024 DeFi Planet   |   Terms & Conditions   |   Privacy Policy

-
00:00
00:00

Queue

Update Required Flash plugin
-
00:00
00:00