Blockchain Can Help Fix Cybersecurity

Cybersecurity is a problem. The more people that jump on the web and the more sophisticated the technology, the bigger the cybercrime industry becomes. In fact, DDoS attacks, hacks, Malware, and data breaches cost the global economy around $450 Billion every year.

Cybersecurity professionals are caught in an exhausting game of whack-a-mole, trying to catch their breath. Yet with existing centralised infrastructure and sometimes outdated systems, no matter how robust a company’s firewall, it’s still vulnerable to attack.

Worldpay VP and Head of Global Cyber Defense & Security Strategy, Peter Tran, says that the days of endpoint, reactive tactics are coming to an end. “Build a higher firewall?” he remarks, “The attacker will just use a longer ladder to get over or around it.”

If you’ve ever travelled to a country not big on accepting plastic, you’ll know the uncomfortable feeling of walking around with wads of cash in your pocket. If all your money is on you everywhere you go, it only takes one unfortunate incident before everything is lost for good.

To rub even more salt into the wounds, there simply aren’t enough cybersecurity professionals to go around. Unemployment in the industry is almost zero, and, with the growth of blockchain and AI technologies, a talent gap wider than the Gibraltar Strait is beginning to appear.

Professionals are scrambling to get up to speed and front the challenges of emerging tech head-on before the criminals do. But even so, by 2020, research predicts that there will be almost 2 million cybersecurity positions vacant, with companies unable to fill them.

Blockchain and Cybersecurity
While it may not be the silver bullet to cybersecurity’s problems, blockchain has great potential to help solve some of the many challenges the industry faces. And it’s not just potential that blockchain shows; real use cases are starting to prove their worth, with some pretty awesome projects happening right now. Let’s take a closer look

Decentralised Storage
When all the data is no longer housed in one place that’s open to attack, a full-scale attack becomes much harder to coordinate. Says Nick Spanos founder of the Bitcoin Centre, “In cybersecurity, having all the passwords in one central location is a good way to get your clients’ identities and passwords stolen, to where the hackers can then access everything on every site. With blockchain, the user controls their private key. By using crypto-graphic signatures, they will be able to sign transactions and messages, without being exposed to central servers.”

In fact, there are plenty of companies taking advantage of blockchain’s decentralised nature, and one at the forefront is Edge. Their ethos is simple, yet effective, empowering users to take control of their own data.

Edge believes that all information should be housed on the “edge” of a network and not stored in one centralized location. Rather like separating your travel money, saving some at the hotel, a little more in your bank, another stash in a secret place, and perhaps some with your travelling companion, Edge works in this way with your data. Instead of having to rely on enterprise server security, the data is encrypted from your device before it gets anywhere near a server or network.

Fraud Prevention
Another of blockchain’s many touted qualities is its immutability. While that aspect has been challenged on several occasions, the use of sequential hashing and cryptography still makes it a front-runner as the most secure technology we have. Blockchain tech is very good at fraud prevention and a particular fit with organisations that handle sensitive data. Since all transactions are time-stamped and recorded in a block linked to another block, they can’t be tampered with without altering the entire chain. A feat almost impossible to achieve.

Guardtime is a data security company that’s currently using blockchain technology to keep sensitive records secure. Its Keyless Signature Infrastructure (KSI) allows clients across multiple verticals, including defence and medicine, to keep classified data safe, and the latest company to join their client list is telecommunications giant Verizon.

Multi-Factor Authentication
Multi-factor authentication can help to eliminate the softest target for cybercriminals, which is easily hackable passwords. Gemalto manages digital identities and interactions through blockchain and multi-factor authentication, providing solutions such as VPN 2FA authentication, software OTP authenticators, and Hardware-based OTP authenticators. Exchanges are using this type of technology more and more in the hope of preventing attacks on them, like that of Bitfinex that lost around $60 million to cyber thieves.

According to Scott Schober, Author of Hacked Again and CEO of BVS Systems, humans are the biggest threat to cybersecurity. By “improving our cyber hygiene” and not getting lax with passwords and security, measures like 2FA can help halt hackers in their tracks.

IoT Security
IoT and its devices have been the root cause of many a high-profile hacking scandal. Just thinking about cases of medical equipment being hijacked and controlled by hackers and car losing control over their entire fleet of vehicles is enough to send alarm bells ringing. IoT is still vastly insecure and it’s another area in which blockchain is proving to be useful. Household names like IBM are using blockchain with their Watson IoT platform to allow devices to transmit data to secure blockchain ledgers. Rather than floating around in cyberspace or being held in one central location waiting to be attacked, the data is stored in tamper-resistant blocks and validated with secure smart contracts.

Australian communications company, Telstra, is also employing blockchain to secure their smart home IoT ecosystems, thanks to its ability to verify data. Blockchain can detect whether the biometric authentication data is legitimate and ensure the smart home stays secure.

Final Thoughts
Not everyone is leaping for joy at the capabilities of blockchain technology, citing other existing or emerging solutions as being more appropriate. Tran, for example, remains cautious, believing blockchain needs more time to mature, or that perhaps blockchain combined with AI may be a more effective path forward.

There is certainly no shortage of possibilities. But beyond the continued hypothetical talk and the projects awaiting funds, these blockchain-powered cybersecurity solutions are happening now. And they’re showing real promise.

Digitex

You Might Also Read: 

It's Time To Embrace Blockchain Technology:

 

« Tackling UK Cyber Crime
Blockchain - The Netherlands Is Blazing A Trail »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

TenIntelligence

TenIntelligence

TenIntelligence provides due diligence, brand protection and fraud investigation services including digital forensics.

Help Net Security

Help Net Security

Help Net Security has been a prime resource for information security news and insight since 1998.

LEXFO

LEXFO

LEXFO specializes in the security of information systems, assisting clients in protecting information assets using an offensive and innovative approach.

Carson & SAINT

Carson & SAINT

Carson & SAINT is an award-winning consulting firm with deep experience in cybersecurity technology, software, and management consulting.

Cygilant

Cygilant

Cygilant is a SOC2 certified service provider that combines MSSP and Incident Detection and Response (IDR) capabilities managed by global SOCs staffed with trained security engineers.

CloudMask

CloudMask

CloudMask patent technology provides Dynamic Data Masking (DDM) that masks sensitive data, structured or non-structured, in real-time.

Destel

Destel

Destel is a system integrator and provider of IT services focused on Advanced Network & Security Solutions.

Statice

Statice

Statice develops state-of-the-art data privacy technology that helps companies double-down on data-driven innovation while safeguarding the privacy of individuals.

DataDome

DataDome

DataDome offers real-time AI protection against all OWASP automated threats, including credential stuffing, layer 7 DDoS attacks, SQL injection & intensive scraping.

German Accelerator

German Accelerator

German Accelerator supports high-potential German startups in successfully entering the U.S. and Southeast Asian markets.

Adarma Security

Adarma Security

Adarma are specialists in threat management including SOC design, build & operation.

NARIS

NARIS

NARIS is the leading provider of an integrated Governance, Risk and Compliance platform called NARIS GRC.

Quantropi

Quantropi

Quantropi is bound to be the standard for quantum-secure data communications – forever unbreakable, no matter what.

Drumz

Drumz

Drumz plc is an investment company whose investing policy is to invest principally but not exclusively in the technology sector within Europe.

rSolutions

rSolutions

rSolutions delivers managed cybersecurity services to clients in many industry sectors including financial services, telecommunications, energy, government and retail.

Safe Data Storage

Safe Data Storage

Safe Data Storage offer a fully managed, professional, secure UK-based online backup service to businesses, education and charities.