Blockchain technology has become more and more secure over the years; however, it is still far from perfect. To avoid losing cryptocurrencies and other blockchain assets, you must be familiar with the different cybercrimes that can happen to the blockchain, one of which is the Sybil attack.
What really is a Sybil attack? In this guide, we will understand the nature of the attack, how it affects blockchain users and how to avoid it.
Defining Sybil Attack
A Sybil attack is an attempt to manipulate or control a peer-to-peer network through the use of multiple accounts or fake identities. These disingenuous users are disguised as real, unique users but are under the control of a single group or individual.
By using multiple fake user accounts, a malicious entity may leverage more centralized power in a network meant to be decentralized, influence majority opinion on social media platforms, cast fraudulent votes in a democratic governance process, etc.
This type of attack existed long before blockchain networks. It can be used in just about any sort of P2P network, so it’s a potential threat to many applications. This computer network service attack has gone by many other names, including “pseudospoofing” and “sock puppets.”
The name Sybil attack comes from the book “Sybil”, a work of the well-known writer Flora Rheta Schreiber. In this book, Sybil Dorsett is a young woman who suffers from dissociative identity disorder (DID), a psychological disorder that leads a person to create several different identities of themselves. However, it was not until 2002 that Brian Zill, a well-known computer scientist working for Microsoft, suggested the name for a work by John R. Douceur. Douceur, another Microsoft researcher, describes these types of attacks as part of his research work.
How does Sybil Attack work?
In order to launch a Sybil attack, the perpetrator of the attack needs to create many accounts on the network that they will use to impersonate legitimate users. They then need to gain access to an account that is already on the network and impersonate that user. This is done by compromising their email address or password.
If you own cryptocurrencies, it is important that you use a secure password management system like LastPass or KeePass in order to make sure your passwords are not easily compromised. Not only can this provide a layer of protection against malicious actors attempting to take advantage of your account, but it can also protect against unintentional phishing attacks.
Another common precaution that people take against Sybil attacks is using two-factor authentication (2FA) with an authenticator app like Google Authenticator or Authy. This device acts as your second factor for logging into your account and prevents attackers from gaining access by hijacking your phone number or email address if they have stolen your password or 2FA code.
In modern times, a large-scale Sybil attack can be one of the most efficient ways of taking over a system such as BitTorrent’s Mainline DHT. A Sybil attack can be used to manipulate outcomes in a network, or it can disrupt a network’s functioning entirely.
Sybil Attacks
The main goal of a Sybil attack on a blockchain network is to gain disproportionate influence over decisions made in the network. The attacker creates and controls several aliases to achieve this effect.
Here are several problems a Sybil attack may cause:
- Block users from the network — a Sybil attack that creates enough identities enables threat actors to out-vote honest nodes and refuse to transmit or receive blocks.
- Carry out a 51% attack — a Sybil attack that enables one threat actor to control over half (51% or more) of a network’s total hash rate or computing power. This attack damages the integrity of a blockchain system and can potentially cause network disruption. A 51% attack can modify the order of transactions, reverse the actor’s transactions to enable double-spending, and prevent the confirmation of transactions.
Instances where Sybil attacks took place:
Bitcoin network
Many decisions that affect operations in a Bitcoin network are voted on. By voting, miners and those who maintain network nodes can accept or reject a proposal. If attackers create multiple identities on the network, they can cast as many votes as the identities they control.
Sybil attacks can also control the flow of information in a network. For example, a Bitcoin Sybil attack can be used to obtain information about the IP address of a user connecting to the network. This compromises the security, privacy and anonymity of web users. The only thing an attacker has to do is take control of nodes in the network, gather information from those nodes, and create fake nodes initiating their identities.
Once they achieve dominance in the network, the attacker can implement censorship — blocking other users from legitimately using the network.
Tor network
The Tor network operates on a peer-to-peer model, allowing nodes to surf the Internet anonymously. However, a malicious or spying entity can take control of tens, hundreds, or thousands of nodes, compromising the privacy of the network. When both ingress and egress nodes are controlled by attackers, they are able to monitor the network traffic of everyone transferring data via the compromised nodes.
How do blockchains mitigate Sybil attacks?
Blockchains, specifically public blockchains, try to mitigate this problem by using different consensus mechanisms such as Proof of Work (PoW) and Proof of Stake (PoS). These mechanisms help ensure that achieving the majority becomes very difficult, and in the end, the reward does not justify the cost.
To gain the majority, the attacker either needs to control the majority of the total hash rate, which is very expensive in the case of PoW, or, in the case of PoS, stake their own cryptocurrency. The ledger therefore cannot be tampered with unless the attacker stakes a significant amount of money, which makes the whole process extremely expensive.
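The cost argument above can be checked with a small model. This is an added example, not part of the original article; the node counts, resource units and function names are constructed assumptions. It compares one-identity-one-vote with resource-weighted voting (hash rate under PoW, stake under PoS) and shows that creating more identities raises the attacker's share only in the first case.

```python
import random
from fractions import Fraction

def identity_vote_share(honest_nodes, sybil_ids):
    """One identity = one vote: the attacker's share grows with every fake identity."""
    return Fraction(sybil_ids, honest_nodes + sybil_ids)

def weighted_vote_share(honest_resource, attacker_resource, sybil_ids):
    """Resource-weighted voting (hash rate for PoW, stake for PoS).

    The attacker's fixed resource is split evenly across its identities,
    so the total weight it controls does not depend on how many it creates.
    """
    per_id = Fraction(attacker_resource, sybil_ids)
    attacker_total = per_id * sybil_ids
    return attacker_total / (honest_resource + attacker_total)

def simulate_pow_blocks(honest_rates, attacker_rate, sybil_ids, blocks=20000, seed=1):
    """Block lottery: each block goes to one identity with probability
    proportional to its hash rate. Returns the attacker's fraction of blocks."""
    rng = random.Random(seed)
    owners = ["honest"] * len(honest_rates) + ["attacker"] * sybil_ids
    weights = list(honest_rates) + [attacker_rate / sybil_ids] * sybil_ids
    winners = rng.choices(owners, weights=weights, k=blocks)
    return winners.count("attacker") / blocks

def compare(honest_nodes=100, attacker_resource=10, id_counts=(1, 100, 1000)):
    """Constructed scenario: each honest node holds 1 unit of resource,
    the attacker holds `attacker_resource` units in total."""
    rows = []
    for n in id_counts:
        rows.append({
            "sybil_ids": n,
            "identity_share": float(identity_vote_share(honest_nodes, n)),
            "weighted_share": float(weighted_vote_share(honest_nodes, attacker_resource, n)),
            "simulated_block_share": simulate_pow_blocks([1] * honest_nodes, attacker_resource, n),
        })
    return rows

if __name__ == "__main__":
    for row in compare():
        print(row)
```

With 1,000 fake identities the attacker holds 10/11 of the votes under identity counting, but stays at 1/11 of the weight and of the simulated blocks, because only the resource it actually controls is counted.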
How to avoid Sybil Attacks?
There are many ways in which you can protect your assets from Sybil Attacks. Some practical methods are:
- Electrum wallet — This wallet uses a key derivation function to create and store multiple keys for your account, making it very difficult for someone else to access your account.
- Hardware wallet — A hardware wallet stores the private keys on a piece of hardware that is separate from the computer you use to interact with the Bitcoin network; therefore, if an attacker were able to gain access to your computer and steal your hardware wallet, they would not be able to make any transactions on the account.
- Using two-factor authentication — Two-factor authentication comes in many forms such as Google Authenticator or Authy. With this method, when you log into a client application on your phone or PC, you will have to enter a code that is sent via text message or email before you can log into the device. It creates another layer of security by requiring something that only you possess like a password or some other form of identification.
- Coinbase Account Recovery — If you ever lose access to your account on Coinbase then they offer a recovery option so that you can restore all of the funds that were stored in it back onto the blockchain and avoid having them permanently lost.
Final Thoughts
Ultimately, a Sybil attack is one of the leading threats in modern blockchain technology. These online assaults can damage crypto values, steal funds and affect user privacy. But as the entire industry and space transitions into a more decentralized ecosystem, with decentralized finance (DeFi), decentralized exchanges (DEXs), and more proof-of-stake blockchains, this threat will become less of a concern in the future.