Bitcoin and cryptocurrency users are often targeted by criminals. We have seen numerous attack vectors affecting this user base already. Whether it is phishing attacks, malware, ransomware, Trojans, or fake ICO projects, the number of threats out there should never be underestimated. According to a brand-new website, internet routing attacks may pose a significant threat to Bitcoin and other cryptocurrencies. Two specific types of attacks may cause a lot of issues in the future.
Internet Routing Attacks and Bitcoin
There are quite a few issues associated with Bitcoin which will cause problems sooner or later. One of these problems involves the centralized “hosting” of Bitcoin nodes. As one would expect, very few people run such a node on their own computer infrastructure at home. Instead, they generally use a VPS or other online solution to add a node to the network. While this is a valid approach, the vast majority of Bitcoin nodes are hosted on just 13 different ISPs. Considering that there are over 50,000 internet service providers worldwide, that is quite worrisome.
To make matters worse, the new website also claims that a large amount of Bitcoin network traffic passes through three different ISPs. That is quite a startling discovery, considering it pertains to almost 60% of all Bitcoin network traffic. This is an unacceptable situation for a cryptocurrency which prides itself on being a decentralized and global solution. A lot will need to change in order to prevent this centralization from becoming a big problem in the near future.
With so few ISPs effectively controlling the Bitcoin network – up to a certain degree – they could quite easily enforce a routing attack against the network. If that were to happen, this handful of ISPs could redirect traffic through fake announcements on the internet routing system. Hijacks are nothing new in the world of online connectivity, and they’ve been happening quite a lot as of late. Some of these attacks have (allegedly) affected the Bitcoin network already. In fact, around one hundred Bitcoin nodes are reportedly hijacked every single month. That is a very worrisome statistic that doesn’t bode well for Bitcoin whatsoever.
The site explains how two different attack vectors can be used to cripple the Bitcoin network. The first attack revolves around splitting the network into different components. Certain nodes would no longer be able to communicate with the rest of the network, creating a parallel blockchain. If this attack were successful, any blocks mined on the smaller “component” would be discarded with all of the transactions and miner revenue included. That would be an economic disaster if a lot of miners suddenly found themselves on the wrong blockchain.
A second type of attack might push the Bitcoin block time back by up to 20 minutes. Right now, network blocks are discovered roughly ten minutes apart, but a proper routing attack would push this time back to 30 minutes. We have seen multiple incidents where the Bitcoin network got clogged up despite normal block generation times. A delay in block time would only compound these problems and result in the network grinding to a halt at some point. Clearly, routing attacks are not to be trifled with whatsoever.
The big question is whether or not anyone will even attempt to pull off such an attack. The site’s researchers have released a prototype implementation of the block delay attack, which can be found on GitHub. For now, no ISP has actually tried to disrupt Bitcoin in a major way, but that doesn’t mean no one won’t do so in the future. A solution to the node problem must be found sooner rather than later, but that is much easier said than done at this point. Running a node should always be done on one’s home computer or capable device, rather than a VPS or centralized server.