Bitcoin hit a new all-time high of over $2,700 dollars last week, which means hackers have a greater incentive than ever to target it. How vulnerable is bitcoin to cyber attacks?
Bitcoin was introduced by a pseudonymous coder in 2009. Bitcoins are made at a fixed rate by “mining” or “processing transactions and securing the network using specialized hardware,” and blockchain technology is a distributed ledger of transactions that is constantly being verified by miners.
Bitcoin is theoretically vulnerable to hacking, although not necessarily more so than PayPal, a traditional bank, or the Visa network. Because its code is open source, programmers continuously review it for flaws. This means the underlying protocol is pretty robust. There is little fear that the bitcoin code itself could be exploited.
“Bitcoin itself, and most of the other cryptocurrencies, have never been hacked or even really had any downtime,” said Chris Wilmer, an assistant professor at the University of Pittsburgh and the founder of Ledger, an academic journal covering the blockchain technology at the heart of Bitcoin.
There is one type of attack that could affect the bitcoin network: the 51 percent attack, which is widely considered to be bitcoin’s greatest inherent flaw. Because it is decentralized, bitcoin is vulnerable if any one player or cartel gains control of 51 percent of the computing power of all miners. This would allow them to stop transactions and reverse transactions, which would throw the network into chaos. In the past, at least one group has achieved control of 50 percent of the network. However, the more people using bitcoin, the safer it is — and more people are using bitcoin now than ever. It’s difficult to get an accurate count of how many users bitcoin has, but the estimates are in the millions.
Where Bitcoin becomes truly insecure is when other technology starts to get involved. Bitcoin was conceived as a “trustless” system; you don’t have to trust any centralized party in order to use your money, because transactions are facilitated by other members of the network. In reality, bitcoin is too complicated for most people to use without mediators such as apps, wallets, and other digital currency services. The biggest need is for third party exchanges, which are sites where bitcoin is bought and sold for other currencies. All these third party services are only as safe as their own security. Mt. Gox, arguably the most famous example of an exchange going belly up, filed for bankruptcy in early 2014 after around 850,000 bitcoins went missing.
Bitcoin is still largely unregulated, which means your money isn’t insured and there is often no accountability for exchanges. So while bitcoin tech itself remains unhacked, the methods used to collect, buy, and sell remain as potential attack vectors.
The biggest threat to Bitcoin, then?
“It’s people,” said Simon Bain, CEO of BOHH Labs, a cybersecurity startup focused on banking. “It’s always been people, and it always will be people. There are good people, and there are not-so-good people, and those not-so-good people want to grab hold of your information. If you leave that information in the hands of let’s say, seven miners, then at some point those not-so-good people are going to go to one of those miners, and that miner is going to be exploited — whether they know it or not.”