A Taxonomy of Blockchain Threats and Vulnerabilities

Blockchain technology has become one of the most popular technologies for maintaining digital transactions. From the foundation of Bitcoin to the now predominant smart contract, blockchain technology promises to induce a shift in thought about digital transactions in many fields, such as energy, healthcare, Internet of Things, cybersecurity, financial services and the supply chain. Despite blockchain technology offers many cryptography advantages such as immutability, digital signature and hashing; it has suffered from several critical cybersecurity threats and vulnerabilities. In this paper, we build upon the previous studies on vulnerabilities and investigates over 60 real cybersecurity incidents that have been happening on the blockchain networks between 2009 and 2019. We categorise those incidents against the key cybersecurity vulnerabilities in blockchain technologies; and have developed a taxonomy that captures five types of cybersecurity threats and vulnerabilities based on five main players in blockchain. The outcome of this research prompted concerns and research direction in developing countermeasures to alleviate these risks.