Cryptocurrency company investors have, yet again become victims of phishing attacks, and this is just the beginning…
With this week’s news that hackers stole millions of dollars worth of Block.one’s EOS tokens, there is, yet again, more evidence indicating that certain large cryptocurrency companies – and their blockchain platforms – have severe security vulnerabilities. For instance, just yesterday, Guido Vranken, a Dutch ethical hacker participating in Block.one’s bug bounty program, reported he has found 15+ bugs in the Block.one EOS network. The timing of these security issues comes just before today’s Block.one ICO (initial coin offering).
Whether it be Block.one’s EOS, or another cryptocurrency – because of similar, sometimes cloned blockchain platform architecture-these start-up blockchain platforms are a huge risk for businesses or investors. There is no guarantee that your business will be able to securely run operations, and any money that you have invested is not necessarily secure either. Businesses and investors should be evaluating proven, experienced vendors that specialize in security and are using the blockchain platform to further expand their offerings, rather than vendors with security features and processes that have no track record.
Block.one has raised $4 billion dollars to date in investment capital from investors looking a viable competitor to the Etheruem platform. However, it should be noted that even with this level of investment, Block.one has received criticism for limited product development, and security glitches. Still, investors brought money to the table.
John Oliver, the host of Last Week Tonight, recently voiced that Block.one is “a software company that doesn’t plan on selling any software.” To go along concerns about product development, prior to last week’s Block.one’s mainnet launch, a Chinese Internet security company, Qihoo 360, identified multiple high-risk vulnerabilities and brought those to Block.one’s attention.
With today’s launch, EOS offers a platform where developers can actively build blockchain-based applications for their businesses. The project has promised to provide a platform that can process millions of transactions per second and eliminate user fees all together according to the company’s white paper.
With cryptocurrency based blockchain platforms like EOS and Ethereum providing a foundation for applications that are targeted at fast distribution aimed at mass consumption, there is no denying these solutions are efficient. The real question that you should ask yourself is, how secure would these platforms be for my business?
According to The Next Web, “There have been rising concerns over the security of proof-of-work cryptocurrencies, with at least five attacks in the last two months involving Verge, Electroneum, Bitcoin Gold, and Monacoin.” The developers of Bitcoin, Jameson Lopp and Peter Todd noted that this is in part due to lazy cloning of larger blockchains. When you are rushing a solution to market to beat the competition, or to respond to pressure from investors, there will be repercussions down the line.
Is there an alternative?
Consider this. Major vendors that are also involved in blockchain–such as Microsoft, IBM, Oracle, and Amazon – have been working in the secure transaction processing arena for years. They are working with well-established, proven, secure platforms because they can’t risk losing customer’s transactional data – nor can they afford to have it breached.
Investors and customers of blockchain-based cryptocurrency platforms such as Block.one have been cautioned and have seen evidence that there are security vulnerabilities that could lead to a loss of confidential data or money. Well known names like IBM and Microsoft that are creating enterprise blockchain solutions want to protect their reputation. They don’t take risks. They have been building security into their solutions for years and years and have teams of distinguished scientists and engineers working behind the scenes to make their offerings and bug-free and “unhackable”.
Recently, there has been buzz around running blockchain on System z mainframes because of their ability to fast transaction processing and pervasive encryption. I would like to see more blockchains deployed on this type of architecture and other established, secure platforms from proven vendors. When you choose a vendor, bear this in mind – consider established vendors, don’t get caught up in the hype, be cautious and do your research.