Attacking the trust machine: Developing an information systems research agenda for blockchain cybersecurity

Blockchain-based systems become increasingly attractive targets for cybercrime due to the rising amount of value transacted in respective systems. However, a comprehensive overview of existing attack vectors and a directive discussion of resulting research opportunities are missing. Employing a structured literature review, we extract and analyze 87 relevant attacks on blockchain-based systems and assign them to common attack vectors. We subsequently derive a research framework and agenda for information systems research on the cybersecurity of blockchain-based systems. We structure our framework along the users, developers, and attackers of both blockchain applications and blockchain infrastructure, highlighting the reciprocal relationships between these entities. Our results show that especially socio-technical aspects of blockchain cybersecurity are underrepresented in research and require further attention.