In the cryptocurrency industry, last year was “A year of clean up”, and this year some experts view that it will be “a year of restarting”. Liberty which continued to ask itself “What is credible blockchain technology?” and to make it public is posed to make serious efforts to tackle blockchain issues going forward. This time we look back at the first quarter of this year, and would like to examine two incidents which are characteristic of the threats which surround the cryptocurrency environment.
■ The “ETC 51% Attack Incident” which took advantage of negative speculations towards mining.
Mining means “to mine” and when discussing cryptocurrencies, the easiest interpretation is believed to be “to analyze information for new transactions and create blockchains”. In order to analyze information, obviously a huge volume of calculations is necessary. Therefore, a system has been made available where persons who have provided mining of calculation resources are paid a reward with the relevant currency. This has invited mining popularity, and as many miners arrayed themselves to mine, the hash rate also rose. The mining pool was born as a product of the state of mutual inflation of the popularity of mining and increase in hash rates.
Mining pool is like a “facilitator” which gathers hash rates through connections with minors from around the world. It is something like a huge server. By this, the entire hash rates are raised significantly, and the rate of discovering blocks also rises sharply, and the role as server has also become stronger. Furthermore, it also comes with a function to participate in the block chain and approve blocks. To explain the process flow, when the mining pool finds a block which requires approval, it requests the creation of hash to the pool participants, and if a participant succeeds in generating a hash and getting a block approved, the reward is once sent to the address of the pool. Thereafter, the reward is distributed to each participation depending on each of their work volume. It is indeed a simple process flow. However, the weak point of the mining pool is that, when the price of the currency goes down, the miners easily retreat from the mining pool. Obviously, in a mining pool where participants have decreased, the number of persons with the power to monitor also decrease, and the remaining miners are given power.
So, what will happen when a dangerous person discovers this unveiled circumstance of the mining pool structure? This fear was realized in the “51% Attack” incident which took place this January, when one mining pool announced that they “succeeded in the 51% attack on ETS”.
The “51% attack” is exactly what it says, an attack in mining when attackers acquires a monopoly exceeding half and is able to approve transactions as such attacker’s desire. If there are only a few minors, it is easy for an attacker group to monopolize a majority control and continue to approve blocks for the sake of one’s own expedience or gain control over monitoring power. It is as if one day suddenly a server supported by only 10 people are overtaken by a group of 6 engineers and announcing that “We succeeded in an attack. If there is a structure to gain voice by work volume, the threat is even larger. In response to the strange announcement, the ETC side promptly denied the 51% attack, however, there was some credibility to the dangerous hypothesis of “wait a minute, there may be some mining pools which are gradually shrinking, so what if that was ETC?”, so one can say that this is the reason behind the 7% decline in the price of ETC which was the target of the attack. When there are small weaknesses, someone will arrive to capitalize on it. This will be the issue going forward for cryptocurrencies and blockchain.
■ The hacker state viewed as being dangerous at the United Nations level
While the United Nations Security Council was conducting an implementation status survey of the sanctions against North Korea, it was announced that of all countries North Korea had illegally acquired cryptocurrencies by using cyber-attacks on foreign currency transaction sources. This was reported in the Nikkei newspaper this March.
Specifically speaking, it said that North Korea while avoiding sanctions had been scrabbling to strengthen cyber-attacks in order to proceed with funding, and succeeded in illegal access to a cryptocurrency exchange. As a result, it said that the nation robbed more than 55.5 billion yen worth of assets in the short period between January 2017 to September 2018. Furthermore, it reported that the nation was also involved in the huge loss of cryptocurrency NEM/XEM at the domestic exchange Coincheck, and succeeded in at least 5 attacks towards cryptocurrency exchange firms in Japan and South Korea.
It is a seriously grave situation, a large scandal, given that financial institutions including central banks are being hacked, and also from the perspective of not only domestic laws but also international ethics. However, there are some reports that North Korea, while keeping a cool face, had possessed a cyber-attack force of around 500 people. It is pointed out that the surprisingly the nation has been utilizing state of the art technology including block chain technology to vigorously continue cyber-attacks. Even if the U.S. etc. impose economic sanctions, if the nation would rather hack for the sake of prosperity of the nation rather than regret, it is better to seriously reconsider measures keeping in mind that “international politics is being conducted against a hacker nation” in addition to economic sanctions. This obviously means that going into the future, it will become an issue to take even stronger countermeasures, for both the targeted Japanese people as well as Liberty which was founded to protect the peace of citizens.