GOV UK says ‘digital pound likely this decade’, IEEE comments on cybersecurity risks
February 2023 by IEEE
This week, both the Treasury and Bank of England announced that a state-backed digital pound is likely to be launched later this decade* . Both institutions want to ensure the public has access to safe money that is easy to use in the digital age. Chancellor Jeremy Hunt has stated the central-bank digital currency (CBDC) will be a new ‘trusted and accessible’ way to pay, but it will not be built until 2025.
The Treasury previously stated that there will also be a public consultation on Britain’s first general regulatory approach to crypto assets; a sector where consumer protection has come under scrutiny in recent weeks**.
Kevin Curran, IEEE senior member and professor of cybersecurity at the University of Ulster, believes there should be a greater focus on the security implications that could come with the introduction of the ‘digital pound’:
“The UK Government is considering introducing a ‘digital pound’ through stablecoins. These coins are cryptocurrencies, where their price is fixed to that of another asset. In general, stablecoins have a low-price volatility as the market is growing rapidly. Most of these coins are used in newly developing paradigms for digital currency, as well as for decentralised finance technology (DeFi).
“There are security implications with stablecoins; one being ‘illegal minting.’ This is where a software glitch is exploited, and hackers can produce their own stable coins. This would lead to an increased supply overall and would negatively affect the stable coin price. Other users may also end up with fraudulent coins, which may be confiscated down the line.
“There is also the risk that hackers may gain access to user credentials and software development environments where they can update any smart contracts. The hackers could, for instance, increase fees, mint new coins, or even shut down the system.”
Professor Curran believes that a digital currency could be compromised and pose a serious risk to consumers:
“Data oracles are used within stablecoin ecosystems, many of which provide exchange rate information, as they are generally centralised entities. However, there is a serious risk that they could be compromised. For example, incorrect exchange rates could be broadcasted and attacks on the predictions of future exchange rates which could be used. There is also concern about potential attacks on the underlying blockchain, which is not unique to stablecoins. If hackers were to possess the majority of the blockchain mining power, then a complete hijack of the stablecoin could be initiated.
“Cryptocurrencies, given their nature, are a highly attractive target for hackers and many security flaws have been found recently. The introduction of stablecoins by the UK Government, will likely result in more attacks in the days ahead.”