Authorities assure that the mistake is due to a hack of the system. This would have happened through a web platform of the public body.
A security failure that occurred in Argentina’s Federal Blockchain system allowed hackers to validate a false resolution. The country’s government classified as false the document that the system validated last Saturday, March 14th. This event shows weaknesses in this blockchain platform.
Data provided by the authorities shows that the document called “Official Gazette of the Nation”, number 34,329, included actions related to the current Covid-19 disease that the World Health Organization (WHO) declared as a pandemic last March 11th, 2020. Shortly after the WHO declaration, Argentine authorities corrected the document, certifying it again on the network.
According to local media, the authorities found the failure after determining that computer criminals violated the Official Gazette website. Local media consulted citizens regarding this issue. According to their answers, this act highlights flaws in the system when it comes to certifying documents, especially in the different channels for publication.
The authorities did not express further details about the issue, so it is unknown if the Official Gazette website conducted automatically this certification process in the blockchain network or if the help of a user was necessary to introduce the false publication.
Although the authorities corrected the resolution, the event affected the positive opinion of users and aroused strong opinions on social networks. A user explained the process for entering data into a decentralized network and commented that there must be a person responsible for the action.
Besides, the same user, whose name on social networks is @nubis_bruno, questioned the security of the network’s management and expressed that if the network was hacked there should be an investigation that would bring justice.
“Putting the Official Gazette on the blockchain platform allows people to take over what they say. If something bad was posted because they hacked the platform, then there was a cybercrime. We must stop, report, and investigate”, the Argentine authorities explained to local media.
Another user named @jmtruffa, or Juan M. Truffa, gave his opinion. He thinks the same that the previous user. “The pdf is signed and the signature validates when the document is perfect. So here hackers either stole the keys or they lie”.
This network uses Blockchain-based Distributed Ledger Technology (DLT) for the exclusive use of authorized entities such as some private organizations and public bodies.
In the past, it was possible to certify other documents of the Official Gazette, through the Federal Blockchain of Argentina and using other platforms such as OpenTimestamps, which uses the Bitcoin network. But the validation task is now determined with Argentina’s Federal Blockchain after an update conducted during 2018.
Distributed Ledger Technology is a digital system that allows transactions or operations to exchange data, information, inter alia. In this way, only authorized parties have access to introduce new certification movements. The data is unchangeable; only the parties involved can share and view it on the network.
However, this network works as a “semi-public” system, so some invited members may also have access. This is the point that Argentine authorities should evaluate and even change to avoid future mistakes.
By María Rodríguez