Support 416-591-6711 option 1 or Email Us

The Potential of Blockchain in Cybersecurity

Fri, 12 Jul 2019

There is no one form of cyber defence that is 100 percent secure. Cybersecurity methods regarded safe today won’t necessarily be considered safe tomorrow. With the potential big payouts of cybercrime, cybercriminals continuously look for new ways to attack, and the everchanging threat landscape presents new challenges on a weekly, if not daily, basis.

 The Potential of Blockchain in CybersecurityBlockchain is the hot new buzzword technology on the block and is touted as being safe and immutable. While these claims of security have traction, no technology is perfect. Businesses using blockchains need to adopt robust cybersecurity standards and controls to better protect themselves from external cyberattacks. Blockchain is still relatively new. Yet, even in its relative infancy,  we see the promise and potential that blockchain brings to help organizations combat cybersecurity risks such as ensuring data integrity is maintained and authenticating digital identities.

What's a blockchain?

(If you are an IT person you can probably move on to the next sub-heading!)

A blockchain is a list of data records that are called blocks. These blocks are all linked using cryptography. Each data block includes  a cryptographic hash of the previous block. Due to its design, a blockchain is resistant to modification and therefore keeps data  safer. It is a distributable ledger that can efficiently record transactions between parties in a permanent and verifiable way.

As Don and Alex Tapscott defined it in Blockchain Revolution (2016), “The blockchain is an incorruptible digital ledger of economic transactions that can be programmed to record not just financial transactions but virtually everything of value.”

To grossly oversimplify it blockchain is, "a time-stamped series of immutable record of data that is managed by cluster of computers not owned by any single entity. Each of these blocks of data (i.e. block) are secured and bound to each other using cryptographic principles (i.e. chain).”[i]

 

Here is a visual depiction of how blockchain works:

The Potential of Blockchain in Cybersecurity

[ii]

 

Blockchain has gained much admiration because:

 

  • It’s decentralized
  • The data is stored cryptographically
  • It's transparent so that the data can be tracked
  • No one can meddle with data inside the blockchain

And while the financial sector currently has the most obvious use cases for blockchain, there are lots of other business applications which will find value in it, such as securing industries with a growing reliance on the Internet of Things (IoT).

Blockchain has vast potential in securing the Internet of Things (IoT) technologies which are often vulnerable and therefore exploited. IoT devices are often manufactured with less than stringent security built-in. Blockchain technology can be used in protecting entire systems, including edge devices, from attack. Blockchain can bestow enough intelligence on IoT devices that they can make cybersecurity decisions without central authority reliance. IoT devices could potentially form a group consensus regarding normal network behaviour and lockdown any suspiciously behaving nodes.[iii] 

 

Other blockchain business applications include:

The Potential of Blockchain in Cybersecurity

[iv]

 

Our question is, of course, what does blockchain mean for cybersecurity?

 

Cybersecurity That’s Good Enough for NASA

Cybersecurity solutions based in blockchain are becoming more commonly considered security options – and not just for enterprises. Earlier this year, NASA released a research paper that studied the implementation of blockchain technology to bolster cybersecurity and help to prevent Denial of Service (DoS) attacks on air traffic services. NASA’s model looked at implementing distributed ledger technology similar to that which is associated with cryptocurrencies. NASA’s solution is built on “Hyperledger Fabric,” a blockchain framework solution designed for enterprise applications. NASA explored the possible uses of blockchain in security, authentication, privacy and air traffic management.

“Hyperledger Fabric features a number of distinctive design innovations intended to differentiate it from “fintech” systems and make it more versatile and appropriate for enterprise transactions that support air traffic surveillance use-cases. These features include: permissioned membership, consensus management, private channels and contracts, decentralized implementation, full-featured computer-languages used in chaincode, and open source code that may be modified to meet air traffic surveillance requirements (e.g. implementing high-speed channels to meet system transport-delay constraints).”[v]

As per the research report, “The design innovation is the use of an open source permissioned blockchain framework to enable aircraft privacy and anonymity while providing a secure and efficient method for communication with Air Traffic Services, Operations Support, or other authorized entities.”[vi]

 

Blockchain and Cybersecurity, In Defence of Data

If NASA is considering it, then blockchain is clearly becoming a viable technology in cybersecurity. Blockchain has the potential to protect organizations across all industries from cyberattacks and better secure data. As the majority of cyberattacks begin with a phishing scheme or social engineering, human error is what really needs to be secured against. In fact, in 2017, the most widely used infection vector was spear-phishing emails, which were used by 71 percent of threat groups that staged cyberattacks.[vii]  Blockchain technology eliminates humans from the equation – which is creepy, but effective. It is, for example, next to impossible for a smart contract to be scammed since the conditions for its execution are exceptionally challenging to manipulate.

The Maryland Department of Labor was breached this year, exposing the sensitive data of 78,000 people. The breach occurred in January after nine staff members fell victim to a phishing attack allowing the threat actors access to a legacy database that stored Social Security Numbers, contact information and other personal identification.[viii] Using blockchain would have kept this scenario from occurring. The decentralized data storage solutions that blockchain technology allows for mean that hackers do not have a single point of entry. If they do breach the database, they can’t access whole repositories of data.

The primary factor in using blockchain for cybersecurity is decentralization. When data, access control and network traffic, are no longer stored in a single location, it becomes increasingly difficult for threat actors to exploit, which in turn means more security and less cybersecurity vulnerability. Blockchain has the potential to increase transparency, increase security and increase efficiency; but, as far as wide adoption across enterprises, that's what blockchain is right now – all potential and promise.

Blockchain’s characteristics are not an impenetrable cure-all for every cybersecurity issue; to believe that would be naïve at best. As with all technologies, blockchain implementation must coincide with other system and network security controls, incident response and due diligence. Speak with a cybersecurity specialist about how to best protect your blockchain, or more generally, your network from cyberattacks.

 

 



‹ Back