Enterprise blockchains: Private yet vulnerable to attacks

Enterprise blockchains are blockchain networks that are designed as private networks and limited to authorized parties only. This should make them seem more secure and efficient than public networks such as Bitcoin and Ethereum as a lesser number of computers have access to the network and only a few computers have to reach an agreement to make a decision. However, this does not make them invulnerable.

Enterprise blockchains are not invulnerable

While private blockchains provide a sense of security as most users are familiar with each other, they are still vulnerable to a few factors. One problem is that such networks are most vulnerable to insider threats.

According to Paul Brody from consulting giant EY, this is because private blockchains are walled off and the work that is usually done to secure the data inside the network is very low compared to public blockchains. Brody added that public network use zero-knowledge proofs and various other tools to keep sensitive data off-chain.

However, these tools are not used in a private blockchain and as a result, any insider that can access the blockchain can view all critical data on the network.

The blockchain lead at Kaspersky, Pavel Pokrovsky noted that the most common attack employed against enterprise blockchain networks would be a denial of service attack. This is different from a DDoS or distributed denial of service, where a company’s servers are overwhelmed by useless requests.

A denial of service attack requires information instead of computing power. The attacker would need to know the addresses of the nodes and what can overwhelm them. Pokrovsky explained, “For example one of our clients’ nodes could not process very large numbers, say, 12 zeroes and more. They would just freeze.”