Can blockchain prevent cybercrime?

Rage Commentary : Network security vulnerabilities have caused great losses to banks. Both Bangladesh Bank and Ecuadorian Bank are victims of these security vulnerabilities. Obviously, the painful facts prove that traditional security networks such as SWIFT cannot cope with increasingly sophisticated technical crimes. The emergence of blockchain and distributed ledger technology provides the latest and most complete technical support for bank funds security. Although it cannot be asserted that this technology can completely replace the existing security system, at least it is combined with the existing system to combat current hacker attacks. Network security vulnerabilities have caused great losses to banks. Both Bangladesh Bank and Ecuadorian Bank are victims of these security vulnerabilities. Obviously, the painful facts prove that traditional security networks such as SWIFT cannot cope with increasingly sophisticated technical crimes. The emergence of blockchain and distributed ledger technology provides the latest and most complete technical support for bank funds security. Although it cannot be asserted that this technology can completely replace the existing security system, at least it is combined with the existing system to combat current hacker attacks.

Translation: Annie_Xu

Can blockchain and distributed ledger technology protect the world's critical financial systems from attacks?

Banks use standard electronic messages consisting of codes and identifiers to make international payments and transfers, which is the universal language of finance. In order to meet legal requirements, verify participants, detect violations, and prevent any suspicious points and anomalies, many audit methods, various forms, various processes and policies and regulations are set up. Before executing a transaction, it is necessary to check various special databases, such as individuals and groups on blacklists or government sanctions lists. Given that transactions involve hundreds of billions of dollars, it is not surprising that so many controls are set up.

However, even with so many financial means and so many people monitoring the flow of money in the back end, hackers still succeed in stealing funds from time to time.

A major theft occurred at the beginning of the year. Nearly $81 million was lost from the account of Bangladesh Bank, the central bank of Bangladesh. The hackers used the account of the New York Federal Reserve. The hackers originally planned to steal $1 billion, but the New York Federal Reserve was lucky enough to prevent most of the funds from being lost through the protection network.

This is what happened.

Theft

The case is still under investigation, but the parties involved are trying to shirk responsibility. The New York Fed said they found and rejected most of the fraudulent requests. Cyber ​​criminals pretended to be Bangladesh Bank and sent a total of 35 messages to the New York Fed, involving a total amount of up to $1 billion, but only a few requests were approved. Compared with the New York Fed's $800 billion in international remittances per day, $5,800 seems relatively small.

However, Bangladesh Bank said the frequency of the transfer requests was suspicious and the New York Fed should have stopped the scam altogether because last year Bangladesh Bank applied for transfers to institutions almost twice a month, while this time it requested 35 transfers to individuals in one year.

In addition, the bank-owned SWIFT has also been criticized because it is responsible for the management of communication protocols, software and hardware and security networks. The agency handles 25 million communications between about 10,000 banks and companies every day. Critics say SWIFT has done nothing to improve the security environment of its network and should have invested more in network communication security technology.

Bangladesh Bank has its own problems. Some say the bank's system was vulnerable because of lax security controls. The hackers deployed the malware a month before the attack, giving them plenty of time to plan and prepare. Bank officials did not monitor transactions online, and the only way to check system communications was to print out messages received on the SWIFT network. The hackers disabled the printing function, and the bank fixed the problem the next day after discovering the New York Fed and the scammers' information.

The timing of the attack was very accurate. The hacker sent the fraudulent message on Thursday, and when the New York Fed responded, Bangladesh Bank was closed on Friday and Saturday. When the bank repaired the printing function and discovered the fraudulent message, it was weekend in New York. When the New York Fed finally discovered the fraud and tried to block the remittance, the Philippines, where the money was transferred, was actually celebrating the Chinese New Year.

It was a complete fluke

The initial 35 messages requesting a $1 billion remittance were missing some key information, so the New York Fed rejected it. So the hacker immediately corrected it and resent the request. This time the New York Fed executed five transactions, but people said it was all luck. The destination bank of the remittance happened to be Jupiter Street in the Philippines, which has the same name as the Iranian oil tankers and shipping agents sanctioned by the United States.

A fragile global network

The reality is that global networks, especially those involving remittances, have always been a prime target for cybercriminals, who are reaching new levels of sophistication and organization.

And these criminals have a lot of resources, even the backing of rogue governments, and enough motivation to steal millions of dollars. Banking veterans also say the industry has always had a culture of keeping quiet when thefts or breaches occur. But in order to find and fix vulnerabilities, there should be an open and collaborative attitude to share information and conduct investigations.

The criminals behind the Bangladesh Bank heist were well versed in the system, circumvented the strongest defenses, and attacked the weak links in the international payment network. They may also have been behind the $12 million theft from an Ecuadorian bank through Wells Fargo, a U.S. bank that is now in legal battle with the two banks.

US security solutions company Symantec believes the hacker group may be Lazarus, the same group responsible for the 2014 attack on Sony Pictures, and is backed by the North Korean government.

Blockchain and distributed ledgers

Blockchain is designed to support the decentralized virtual currency system - Bitcoin; however, the world's financial system is centralized and uses government-issued fiat currencies. A decentralized system is actually a trustless system because there is no trusted institution involved, and decisions are made by logic and consensus written in the system.

The blockchain is an immutable and irrevocable record of transaction history, so it is possible to determine ownership and execute Bitcoin transactions. It also prevents Bitcoin holders from making duplicate payments. Nodes, or computers, in the virtual currency system verify Bitcoin transactions, rather than a single centralized institution responsible for bookkeeping. The blockchain ensures that the Bitcoin system is permissionless and does not require authorization or resolution from a central authority, so it is autonomous.

The definition of a distributed ledger is broad. Although blockchain developers have primarily used it for Bitcoin, the distributed ledger architecture can support a variety of systems. Distributed ledger systems in financial services are generally permissioned, so they are not autonomous and can be combined with varying degrees of flexibility and control.

Distributed ledger architecture can improve risk management

The anti-fraud system based on distributed ledger has multiple databases that work together to effectively combat fraud. The system keeps a confidential record of transaction history for reference and verification, but it is not disclosed to everyone in the system (unlike open blockchain transactions). The system also stores and updates authorization certificates to verify the sender and recipient of transactions.

Currently, banks and financial institutions have their own risk management systems internally and refer to general information on blacklists and sanctions lists. Therefore, individual banks need to develop strong risk management systems, which will result in inconsistent systems and very different risk control and operational processes. A distributed system can help everyone in the international market, not just large banks, but also small banks that lack high-tech risk management systems.

Banking systems often have a large number of "false positives", treating transactions as suspicious or fraudulent. However, most of these transactions only lose part of the information and are corrected before resubmission. This proportion of false positives has led bank employees to begin to ignore the dangers of such alarms. Distributed ledger systems can be managed by major stakeholders, such as central banks and large commercial banks. Whether central bank institutions such as SWIFT meet the needs of such systems has long been controversial. In fact, a distributed system with an ISO standard format can operate autonomously, or it can be completely supported by only a small number of skeleton staff supported by major participants.

Collaboration in various ways

Central banks are exploring a hybrid system where a single institution manages data records while using a distributed ledger system to ensure network security and authenticity. This system is applicable to many scenarios - global, regional, local, and domestic, so that central institutions in multiple countries can develop additional layers of decentralized shared systems.

Although it takes time and costs a lot to build an international remittance system based on a customized distributed ledger, and internal conflicts and vulnerabilities in private keys mean that in theory no system can completely prevent a well-designed cyber attack. However, a hybrid system of the two can detect fraudulent or money laundering transactions and make repairs more quickly.