The next generation web —Web3— has been hailed as more secure than the current incarnation of cyberspace, but a report released Tuesday warns that may not be so.
While Web3 may be difficult to subvert on an infrastructure level, there are other points of attack that may offer threat actors more opportunity for mischief than can be found in the legacy web, according to the report fromForrester, a national technology research company.
Web3 applications, including NFTs, aren’t just vulnerable to attack; they often present a broader attack surface than conventional applications due to the distributed nature of blockchains, Forrester reported.
Further, it added, Web3 apps are desirable targets because tokens can be worth substantial sums of money.
“The distributed approach of Web3 provides different types of security capabilities, but the fundamental problems remain the same,” added Mark Bower, vice president for product atAnjuna, a confidential computing company, in Palo Alto, Calif.
“If an attacker gets access to credentials, root-level privilege or keys — particularly private keys that run across the entire ecosystem,” he told TechNewsWorld, “then it’s game over, just as it would be in a centralized platform.”