4 key cybersecurity threats to new central bank digital currencies


This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: Sebastian Banescu, Senior Research Engineer / Security Auditor, Quantstamp & Ben Borodach, Vice-President, Strategy and Operations, Team8 & Ashley Lannquist, Project Lead, Blockchain and Distributed Ledger Technology, World Economic Forum

  • Central bank digital currencies (CBDC) are increasing in uptake.
  • They could improve financial access and payment efficiency.
  • To ensure trust in CBDC, central banks must ensure their cybersecurity.

With G7 officials recently endorsing principles for central bank digital currencies (CBDC), and over 80 countries launching some form of CBDC initiative, widespread deployment looks like a matter of time. A CBDC is a digital form of central bank money that can be made accessible to the general public; in essence, individuals and firms gain access to transaction and savings accounts held with their home country's central bank. The Bahamas, China and Nigeria have all launched early CBDC programmes, with more expected to follow. If successful, CBDC could help policy-makers achieve goals around payment efficiency, financial inclusion, competition in banking and payments, access to safe central bank money in an era of digital payments, and more.

Yet like any digital payment system, a CBDC is exposed to cyber attack, account and data breaches, theft, counterfeiting, and even the longer-horizon challenge posed by quantum computing. For citizens to be comfortable adopting CBDC, they need to be confident in its security, and a CBDC programme that does not invest in a robust cybersecurity strategy from the design stage onward will not succeed. Decision-makers should build on established practice such as the frameworks published by the US National Institute of Standards and Technology (NIST) and Microsoft's STRIDE threat-modelling model, which classifies threats as spoofing, tampering, repudiation, information disclosure, denial of service and elevation of privilege. This article, which summarizes key points from the World Economic Forum's new white paper on CBDC Technology Considerations, lays out further considerations that are imperative for CBDC cybersecurity.

How can we make sure CBDC is secure for decades to come? We discuss four major dimensions to its cybersecurity below:

1. Credential theft and loss

Users need access credentials to view and transfer CBDC funds. Such credentials could take the form of a passphrase, which can be written down and communicated even on paper, or of a hardware token that stores the private keys. Whatever the form, the threat of credential theft and loss is significant: whoever holds the credential holds the funds and the account data.

Theft can be physical or virtual, and passphrases are exposed to both. Given the arsenal of modern attackers, social engineering, side-channel attacks and malware could all be used to extract credentials from a CBDC user's device. Moreover, if a passphrase or hardware token is lost or destroyed by fire, flooding or another natural calamity, CBDC users should not simply lose all their funds and data. The system therefore needs built-in credential recovery mechanisms, and those mechanisms must themselves be designed so that they cannot be abused as a back door for theft.

If a CBDC is built on blockchain technology, it might use a multi-signature ("multi-sig") wallet, where the wallet is controlled by several keys and a threshold of them (for example two of three) must sign any transfer. The additional key holders could be the central bank itself and/or family members or other contacts of the end user, so that a lost user key can be replaced by the remaining holders acting together. The drawback of multi-sig wallets is reduced usability, since every transfer requires coordination with at least one other party. Such security-usability trade-offs are already familiar from internet banking, where two-factor authentication (2FA) is now the norm. If the CBDC is built on conventional database technology, a privileged authority could simply update the account's database entry with new credentials; that same privilege, however, is exactly what a malicious insider would abuse, which is the subject of the next section.

Over 80 countries are launching some form of initiative related to CBDC. Image: BIS

2. Users with privileged roles

One concern is that central bank or government insiders, law enforcement and other agents may hold roles that allow privileged actions, such as freezing or withdrawing funds in CBDC accounts without the user's consent. These capabilities mirror today's compliance procedures in regulated payment systems. Though such roles are likely to be a functional requirement of a CBDC, they also let a malicious insider abuse the system. As with any other information system, the central bank, and any intermediaries involved, should have and execute a cybersecurity risk-management plan covering such privileges: separation of duties, audit logging of every privileged action, and least-privilege role design. Multi-party mechanisms, such as those used by multi-signature wallets, or other protections that require more than one person to authorize a privileged action, raise the bar for such attacks.
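The recovery arrangement from section 1 and the privileged roles above both reduce to one policy mechanism: an action is valid only when enough distinct, pre-registered keys have signed it. The Go program below is an added example written for this article, not code from the white paper or from any CBDC implementation. It uses ed25519 signatures from the Go standard library and assumes three constructed policies: an ordinary transfer needs only the user's key, credential recovery needs two of {user, central bank, family member}, and an account freeze needs both of two bank officers. The action byte strings, account names and case identifiers are placeholders.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Policy lists the keys allowed to approve an action and how many distinct
// holders must sign. Threshold 1 over the user's own key is an ordinary
// transfer; threshold 2 over {user, central bank, family member} is credential
// recovery; threshold 2 over {officer A, officer B} is a privileged freeze that
// no single insider can perform alone.
type Policy struct {
	Signers   []ed25519.PublicKey
	Threshold int
}

// Approval is one signer's signature over the canonical action bytes.
type Approval struct {
	Signer int // index into Policy.Signers
	Sig    []byte
}

var ErrNotAuthorized = errors.New("approval threshold not met")

// Authorize accepts the action only if at least Threshold distinct policy
// signers produced valid signatures over exactly these bytes. Repeated
// approvals from one key count once; signers outside the policy are ignored.
func (p Policy) Authorize(action []byte, approvals []Approval) error {
	if p.Threshold < 1 || p.Threshold > len(p.Signers) {
		return errors.New("invalid policy threshold")
	}
	valid := map[int]bool{}
	for _, ap := range approvals {
		if ap.Signer < 0 || ap.Signer >= len(p.Signers) || valid[ap.Signer] {
			continue
		}
		if ed25519.Verify(p.Signers[ap.Signer], action, ap.Sig) {
			valid[ap.Signer] = true
		}
	}
	if len(valid) < p.Threshold {
		return fmt.Errorf("%w: %d of %d", ErrNotAuthorized, len(valid), p.Threshold)
	}
	return nil
}

func newKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

func approve(signer int, priv ed25519.PrivateKey, action []byte) Approval {
	return Approval{Signer: signer, Sig: ed25519.Sign(priv, action)}
}

// RunScenarios builds the three policies with fresh keys and evaluates six
// constructed cases. The action strings stand in for a serialized, nonce-bearing
// message whose real format is not specified here. Results, in order:
//  0 user alone spends own funds                           (allowed)
//  1 user key lost; central bank + family member recover   (allowed)
//  2 family member alone tries to recover                  (denied)
//  3 one officer alone tries to freeze the account         (denied)
//  4 one officer submits two copies of the same signature  (denied)
//  5 two officers jointly freeze the account               (allowed)
func RunScenarios() [6]bool {
	userPub, userPriv := newKey()
	cbPub, cbPriv := newKey()
	famPub, famPriv := newKey()
	offAPub, offAPriv := newKey()
	offBPub, offBPriv := newKey()

	spend := Policy{Signers: []ed25519.PublicKey{userPub}, Threshold: 1}
	recovery := Policy{Signers: []ed25519.PublicKey{userPub, cbPub, famPub}, Threshold: 2}
	freeze := Policy{Signers: []ed25519.PublicKey{offAPub, offBPub}, Threshold: 2}

	transfer := []byte("transfer|acct-1->acct-2|amount=50|nonce=1")
	rotate := []byte("recover|acct-1|newkey=K2|nonce=2")
	hold := []byte("freeze|acct-1|case=C-7|nonce=3")

	ok := func(err error) bool { return err == nil }
	return [6]bool{
		ok(spend.Authorize(transfer, []Approval{approve(0, userPriv, transfer)})),
		ok(recovery.Authorize(rotate, []Approval{approve(1, cbPriv, rotate), approve(2, famPriv, rotate)})),
		ok(recovery.Authorize(rotate, []Approval{approve(2, famPriv, rotate)})),
		ok(freeze.Authorize(hold, []Approval{approve(0, offAPriv, hold)})),
		ok(freeze.Authorize(hold, []Approval{approve(0, offAPriv, hold), approve(0, offAPriv, hold)})),
		ok(freeze.Authorize(hold, []Approval{approve(0, offAPriv, hold), approve(1, offBPriv, hold)})),
	}
}

func main() {
	fmt.Println(RunScenarios()) // [true true false false false true]
}
```

The duplicate-approval case is the one to watch in review: a threshold check must count distinct signers, not signatures, or a single officer could freeze an account alone by submitting the same signature twice. In a deployed system the action bytes would also carry a nonce or sequence number so that an approval for one freeze cannot be replayed for another.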

If the CBDC operates on blockchain technology in which nodes run by non-central bank entities have the power to validate or invalidate transactions, malicious validator nodes pose a security threat. They could also undermine the central bank's monetary authority and independence by accepting or rejecting transactions contrary to the central bank's intention. It is therefore generally not recommended to give non-central bank nodes transaction validation powers unless absolutely necessary.

3. System integrity and “double spending”

Depending on the consensus protocol used, non-central bank nodes with validation power could declare legitimate transactions invalid, blocking them from being accepted by the network. For CBDC users this amounts to a denial-of-service attack and to censorship of their transactions.

Collusion by non-central bank nodes could also enable "double-spending" attacks, a form of digital counterfeiting in which the same CBDC unit is spent more than once. Colluding nodes may also "fork" the distributed ledger, creating a separate branch and view of the transaction history that disagrees with the central bank's. CBDC end users, too, could attempt to spend the same funds from their wallet in several places, which is likewise digital counterfeiting. The risk of double-spend is higher if the CBDC has offline capability, depending on the technology with which it operates: in that scenario, double-spend transactions can be presented to offline payees without the full validation that would normally occur online, and the conflict only becomes visible later.

Imposing limits on the amount and frequency of transactions a user can make while offline bounds the damage such attacks can do. Further, once a transacting device comes back online, compliance software can synchronize all transactions that occurred during the offline period with the ledger, detect any conflicting spends, and tie them back to the responsible device and account.
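As an added example, again not code from the white paper or from any real CBDC, the Go program below sketches the offline flow just described: the device enforces a spend cap and payment count locally before signing, and the ledger repeats the same checks when the device syncs. Each offline payment carries a per-device sequence number signed with the device key, so a tampered device that double-spends has to sign two different payments under one sequence number, which the ledger detects once both payees submit their copies. The device name, limits, message format and amounts are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// OfflineLimits caps what one device may spend between two ledger syncs.
type OfflineLimits struct {
	MaxAmount uint64 // total value per offline period, in minor units
	MaxCount  int    // number of payments per offline period
}

// OfflineTx is a payment signed by the device while disconnected. Seq is a per-
// device monotonic counter: double-spending means signing two payments under one Seq.
type OfflineTx struct {
	Device string
	Seq    uint64
	Payee  string
	Amount uint64
	Sig    []byte
}

// bytes is the canonical signed message (a constructed format, not a standard).
func (tx OfflineTx) bytes() []byte {
	num := make([]byte, 16)
	binary.BigEndian.PutUint64(num[:8], tx.Seq)
	binary.BigEndian.PutUint64(num[8:], tx.Amount)
	return append([]byte(tx.Device+"|"+tx.Payee+"|"), num...)
}

// sign is what an honest device does after its own limit check passes.
func sign(priv ed25519.PrivateKey, tx OfflineTx) OfflineTx {
	tx.Sig = ed25519.Sign(priv, tx.bytes())
	return tx
}

type Verdict string

const (
	Accepted    Verdict = "accepted"
	Duplicate   Verdict = "duplicate"     // identical tx presented twice; harmless
	DoubleSpend Verdict = "double-spend"  // same seq, different payee or amount
	OverLimit   Verdict = "over-limit"    // device bypassed its local cap
	BadSig      Verdict = "bad-signature" // unknown device or forged signature
)

// Ledger is the online side: device keys, the limits, and per-device history
// (accepted transactions by seq, total spent) for the current offline period.
type Ledger struct {
	keys   map[string]ed25519.PublicKey
	limits OfflineLimits
	seen   map[string]map[uint64]OfflineTx
	spent  map[string]uint64
}

// Sync checks offline transactions collected from payees once the device is
// back online and returns one verdict per input, in order.
func (l *Ledger) Sync(txs []OfflineTx) []Verdict {
	out := make([]Verdict, len(txs))
	for i, tx := range txs {
		pub, known := l.keys[tx.Device]
		if !known || !ed25519.Verify(pub, tx.bytes(), tx.Sig) {
			out[i] = BadSig
			continue
		}
		if l.seen[tx.Device] == nil {
			l.seen[tx.Device] = map[uint64]OfflineTx{}
		}
		hist := l.seen[tx.Device]
		if prev, dup := hist[tx.Seq]; dup {
			out[i] = DoubleSpend // two valid device signatures over one seq
			if prev.Payee == tx.Payee && prev.Amount == tx.Amount {
				out[i] = Duplicate
			}
			continue
		}
		// Same limit check the device ran locally; repeated because a tampered device can skip its copy.
		if len(hist) >= l.limits.MaxCount || l.spent[tx.Device]+tx.Amount > l.limits.MaxAmount {
			out[i] = OverLimit
			continue
		}
		hist[tx.Seq] = tx
		l.spent[tx.Device] += tx.Amount
		out[i] = Accepted
	}
	return out
}

// RunScenario is a constructed sample: two honest payments within the limits,
// the second receipt submitted twice, a tampered device re-using seq 2 for a
// different payee, a payment over the cap, and a forgery by a stranger.
func RunScenario() []Verdict {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	_, strangerPriv, _ := ed25519.GenerateKey(rand.Reader)
	limits := OfflineLimits{MaxAmount: 100, MaxCount: 3}
	l := &Ledger{keys: map[string]ed25519.PublicKey{"dev-1": pub}, limits: limits,
		seen: map[string]map[uint64]OfflineTx{}, spent: map[string]uint64{}}
	tx1 := sign(priv, OfflineTx{Device: "dev-1", Seq: 1, Payee: "shop-a", Amount: 40})
	tx2 := sign(priv, OfflineTx{Device: "dev-1", Seq: 2, Payee: "shop-b", Amount: 30})
	rogue := sign(priv, OfflineTx{Device: "dev-1", Seq: 2, Payee: "shop-c", Amount: 30})
	over := sign(priv, OfflineTx{Device: "dev-1", Seq: 3, Payee: "shop-d", Amount: 50})
	forged := sign(strangerPriv, OfflineTx{Device: "dev-1", Seq: 4, Payee: "thief", Amount: 1})
	return l.Sync([]OfflineTx{tx1, tx2, tx2, rogue, over, forged})
}

func main() {
	fmt.Println(RunScenario()) // [accepted accepted duplicate double-spend over-limit bad-signature]
}
```

Because the local limit check lives on a device the attacker may control, it only bounds an honest user's exposure; the ledger's repeat of the same check is the actual control. The double-spend verdict is more than a rejection: two valid signatures over one sequence number are evidence that can be tied to a specific device key, which is what lets the central bank act against the offending account after the fact.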

4. Quantum computing

Quantum computing will ultimately affect all financial services, because a sufficiently large quantum computer running Shor's algorithm breaks the public-key primitives (RSA and elliptic-curve schemes such as ECDSA and EdDSA) that protect access, confidentiality and integrity of data stored and transmitted; symmetric ciphers and hash functions are weakened less and survive with larger parameters. CBDC is no exception: its account credentials, transaction signatures and transport encryption all rest on such primitives today, so the threat must be taken into account during technology design. Central banks should inventory which primitives their CBDC depends on, design for cryptographic agility so that an algorithm can be replaced without redesigning the system, and track the post-quantum standards that NIST is producing. Two further points deserve attention: encrypted traffic recorded now could be decrypted later once a capable machine exists, and a quantum computer able to forge signatures could break the cryptography in the CBDC system without detection, since forged transactions would be indistinguishable from genuine ones.


Cybersecurity, along with technical resilience and sound technical governance, is among the most important elements of CBDC technical design. Failure to implement a robust cybersecurity strategy and to consider the risks introduced above could compromise citizen data and funds, jeopardize the success of the CBDC programme, damage the central bank's reputation and sour public opinion of the new currency. Past cybersecurity failures show that the bar is not only about "keeping the bad guys out" or minimizing unauthorized account access. Security must be comprehensive and consider the full spectrum of risks, ensuring that the system works as designed and that its integrity remains intact. Only then will CBDC achieve its goals.
