The State of Blockchain Applications in Cybersecurity


Blockchain is best known as the database technology facilitating and securing cryptocurrency transactions, but its application to broader cybersecurity issues is just beginning.

The brilliance of blockchain technology lies in its ability to validate transactions between parties, and, in turn, store a permanent record of those transactions on a decentralized network. This functionality makes forging a record in a blockchain ledger extremely difficult at best.

Even the U.S. Department of Justice and the FBI were unable to crack it. In the recent case of the Colonial Pipeline ransomware attack, the DoJ and the FBI were able to recover a majority of the crypto-payment made to the DarkSide ransomware group. However, federal officials didn’t reverse the blockchain transaction. As the DOJ describes it, authorities were only able to locate and seize assets from DarkSide’s wallet – in other words, they cracked access to an account rather than the system itself.

The potential for blockchain in enterprise security is sweeping: network distributed denial of service (DDoS) attacks, endpoint devices, insider data theft, and data privacy are some of the potential applications. But the biggest security use of blockchain to date has been authenticating code changes in widely distributed software – which was at the heart of the SolarWinds and Kaseya attacks that exposed thousands of companies to malware. In the Kaseya attack, about 60 managed service provider (MSP) partners and 1,500 downstream businesses were impacted. SolarWinds managed to limit damage to fewer than 100 companies – but its clients include some of the world’s largest companies.

At present, blockchain adoption is most visible in finance, supply-chain management, and cloud services. For these industries and more, data storage, identity management, and smart contracts are applications where blockchains could shine.

We’ll look at what blockchain technology is, how its development relates to cybersecurity, and the state of blockchain-based security solutions.

What is a Blockchain?

In a few words, blockchains are advanced databases that timestamp and store clusters of data in immutable virtual blocks linked chronologically. Blockchains are a type of distributed ledger validated by a peer-to-peer network (P2P).
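An added example, not part of the original article: a minimal hash-linked ledger in Python showing why timestamped blocks that each commit to the previous block's hash make an altered record detectable. It covers only the linking, not consensus or peer-to-peer validation; the function names and the sample release records are constructed for illustration.

```python
import hashlib
import json

GENESIS_PREV = "0" * 64  # constructed placeholder back-link for the first block

def block_hash(block):
    """SHA-256 over the block's canonical JSON, excluding its own 'hash' field."""
    body = {k: v for k, v in block.items() if k != "hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def append_block(chain, timestamp, data):
    """Append a timestamped block that commits to the previous block's hash."""
    prev = chain[-1]["hash"] if chain else GENESIS_PREV
    block = {"index": len(chain), "timestamp": timestamp, "data": data, "prev_hash": prev}
    block["hash"] = block_hash(block)
    chain.append(block)
    return block

def first_invalid_block(chain):
    """Return the index of the first block that fails verification, or None."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        if block["index"] != i or block["prev_hash"] != prev:
            return i  # back-link does not match the preceding block
        if block_hash(block) != block["hash"]:
            return i  # contents changed after the block was sealed
        prev = block["hash"]
    return None

def build_sample_chain():
    """Constructed sample: a ledger of software release digests."""
    chain = []
    for ts, version, payload in [
        (1625097600, "1.0.0", b"release-1.0.0"),
        (1625184000, "1.0.1", b"release-1.0.1"),
        (1625270400, "1.1.0", b"release-1.1.0"),
    ]:
        append_block(chain, ts, {"version": version,
                                 "sha256": hashlib.sha256(payload).hexdigest()})
    return chain

if __name__ == "__main__":
    ledger = build_sample_chain()
    print("intact:", first_invalid_block(ledger))
    ledger[1]["data"]["sha256"] = hashlib.sha256(b"altered").hexdigest()
    print("after edit:", first_invalid_block(ledger))
    ledger[1]["hash"] = block_hash(ledger[1])  # edited block is re-sealed
    print("after re-seal:", first_invalid_block(ledger))
```

Re-sealing the edited block only moves the failure to the next block, whose stored back-link still points at the original hash; every later block would have to be rewritten on every copy of the ledger for the change to go unnoticed.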

A graphic image of blockchain's relationship to distributed ledgers and distributed databases. Designed by Sam Ingalls.

Blockchain is difficult for many to comprehend and praised by others as the most innovative tech breakthrough of the new millennium, but conceptually, distributed ledger technology (DLT) based on P2P networks isn’t new. How blockchains differ from other distributed ledgers is what makes them an attractive technology for a multitude of industry solutions.

A graphic image showing how blockchain transactions work through a peer to peer network.

Blockchains differ from other distributed ledger types in their data structure, sequence, power needs, real-life implementation, and use of tokens. While consensus is a staple of DLT, blockchain developers can use multiple methods for achieving consensus, including proof of stake (PoS) and proof of work (PoW). Structurally, a DLT doesn’t require a block-chain formation.

Permissionless Blockchain

Since blockchain’s arrival, cryptocurrency has framed the technology as permissionless, or a public blockchain. Anyone can join the network and interact, and transactions are visible to all. Beyond financial exchange, permissionless blockchains offer strong security through decentralization, and potential use cases include identity verification, voting, and fundraising.

Permissioned Blockchain

Permissioned blockchains, or private blockchains, aren’t truly decentralized because they’re organized by a governance structure and authentication process for nodes. Because they are less than fully decentralized, permissioned systems only offer partial immutability. As advantages, private blockchains are more scalable and energy-efficient, with suggested use cases in banking and supply chain management.

Security Paradigms: Traditional Networks vs. Blockchains

DDoS: Overwhelming the Network

In the age-old distributed denial of service (DDoS) attack, a fleet of attacker devices can overwhelm an organization’s web server, thus blocking access to legitimate users. Similarly, blockchains aren’t immune to a barrage of transactions. A determined actor can slow blockchain processing or crash access if successful in exceeding the number of transactions the network can handle.

Types of Endpoints Matter

For modern networks, the introduction of new endpoints – be it remote laptops for personnel or client IoT devices – is a roadblock being actively addressed. While cybersecurity trends like zero trust push the focus inward, organizations must always consider endpoint vulnerabilities.

For blockchains, every node is an endpoint and an opportunity for hackers to attempt to send false transactions to the chain. If the network’s nodes are homogenous, a flaw in one system is a flaw in all. Alternatively, a network of heterogeneous nodes gives attackers more options for finding vulnerabilities. Though nodes can be vulnerable, by definition, a blockchain network contains enough nodes that the compromise of a single node, or even a fraction of the network, wouldn’t impact the veracity of the blocks.

Insider Threats and Intentional Misuse

As defending the network perimeter has become less feasible, ensuring data is secure from inside threats has become the priority. Using proof-of-work, blockchains can incentivize network nodes to preserve the integrity of data, thus ensuring that transactions and the chain remain accurate.

By incentivizing processing power, blockchains are open to potential compromise if enough of the network nodes are controlled by a single entity. In what’s known as a 51% attack, public blockchains are vulnerable to a majority node owner manipulating the ledger.

Code and Contract Vulnerabilities

While the term has changed meaning thanks to blockchain’s rise, a smart contract is a method of fulfilling an agreement between two parties digitally. Like a physical contract, code written into smart contracts defines how both parties must act to fulfill the agreement, such as being paid for work completed. Because there is no central authority to resolve flaws, errors in smart contract code can have wide-reaching consequences.

Smart contracts are almost exclusively deployed via blockchain today, with Ethereum being the DLT mechanism of choice. The smart contract code controls the terms of the execution and ensures transactions are trackable and irreversible for both parties.

Ensuring Privacy and Confidentiality

Network administrators increasingly struggle to defend important assets and resources because of the sheer number of segments, varying permissions, and controls. While data might be siloed and hosted in-house for a traditional network, blockchains are uniquely public, connected, and distributed across an external network of nodes.

While blocks are visible to the public, the data that parties use to complete transactions isn’t. If a blockchain user completes a transaction via a web browser, they could unknowingly be presenting sensitive details to a browser hijacker or keylogger.

Next-Generation Cryptography

Since the 1970s, Public Key Infrastructure (PKI) has offered encryption, authentication, bootstrapping, and digital signatures to secure digital communications. PKIs use asymmetric key cryptography to manage digital certificates and public and private keys between users and devices.

Going back to RSA 2018’s Cryptographers’ Panel, it was the ‘S’ in RSA, Adi Shamir, who said blockchain could address threats presented by quantum computing. As encryption methods go, AES-128 and RSA-2048 are vulnerable to quantum attacks.

Blockchain has adopted one of the newest cryptographic innovations in Keyless Signature Infrastructures (KSI). For the cryptographic method, KSIs use the security of hash functions produced by a blockchain. Notably, this application overcomes the weaknesses of RSA encryption and traditional blockchains by offering scalability, faster settlement times, and near-immunity from quantum threats.

KSI Innovator: Estonia’s Guardtime

Founded in 2007, Guardtime is a network security company that specializes in deploying distributed, virtualized machines built to execute tasks with cryptographic proofs of correctness. KSI was designed specifically to help the Estonian government implement a validated proof of operations. Akin to zero trust, KSI blockchain technology works to reduce inherent trust between devices and systems by encoding cryptography into the design of applications.

Guardtime’s flagship solution, MIDA Cybersecurity, is a unique approach to addressing compliance management and reporting. For every digital asset – configuration, firewall rules, VM images, etc. – Guardtime matches it with a cryptographic container. With an underlying blockchain infrastructure, digital assets with provenance, policy information, and preserved integrity offer real-time compliance reporting.

Applying Blockchains: Prospective Solutions

Blockchains remain a technology too technical for most organizations to consider. The razzmatazz of cryptocurrency hasn’t helped blockchain’s adoption as a technology beyond finance. While everyone works to better communicate blockchain technology, the potential applications are immense:

  • Preserving data veracity by blocking false transactions
  • Distributed PKI and multi-signature login capabilities
  • Verifying and logging software updates and downloads
  • More robust security for Domain Name Systems (DNS)
  • Decentralized data storage that removes the need for a honeypot
  • Securing edge devices with identity authentication
  • Mitigating risk of false key propagation and identity theft
  • Producing systems without a single point of failure

Where Blockchain Meets Cybersecurity

The triad of cybersecurity emphasizes that the three pillars for any network must be confidentiality, integrity, and availability. While blockchain offers integrity through a decentralized validation network and availability by publicly displaying block transactions, blockchains are not a means of satisfying confidentiality. Quite the opposite, data placed on blockchains should only be information organizations are willing to make public.

A graphic image of the well-known "Triad of InfoSec" which prioritizes Integrity, Confidentiality, and Availability.

Blockchain Pros

  • Near-instant updating
  • Chronological and timestamped
  • Cryptographically sealed
  • Irreversible and auditable
  • Operates without trust
  • Fewer third parties

Blockchain Cons

  • Irreversibility
  • High operations cost
  • Blockchain literacy
  • Storage limits
  • Adaptability challenges
  • Risk of compromise

Cloud Vendors Offering Blockchain Services

The biggest cloud service providers all offer some form of Blockchain-as-a-Service products for individuals and organizations interested in deploying applications, acquiring managed blockchain services, or using existing blockchain resources to develop a new solution.

Amazon Web Services (AWS)

For Amazon Web Services (AWS), clients can choose an open-source blockchain framework, join an existing network or create a new private network. From there, clients can invite other users to their private network, and provision and select peer nodes that store a copy of the distributed ledger. Finally, the client can deploy applications through peer node networks and transact with peers without a central authority.

Microsoft Azure

In a blow to enterprise blockchain hopes, Microsoft earlier this year announced that it is shutting down its Azure Blockchain service on Sept. 10. From the Azure cloud platform, clients can deploy and operate blockchain networks in a scalable fashion. Without building and developing the underlying network, Azure Blockchain enables clients to focus on business logic and app development. With two levels of service, the Basic plan is fit for development, testing, and proof of concepts, while the Standard tier gives organizations more availability and performance capabilities to develop blockchain solutions.

IBM Cloud Blockchain

The IBM Blockchain Platform employs the open-source Hyperledger Fabric designed for the enterprise community. With modularity being a driving feature, the Hyperledger Fabric allows for a variety of controls on cryptography, identity, consensus protocols, and smart contract languages. Offering a full-stack service, IBM’s BaaS allows clients to model, create, and operate networks with the performance and security needed for today’s compliance standards. Deployment options include IBM Cloud, third-party clouds, on-premises, and hybrid cloud infrastructures.

Cybersecurity Vendors Using Blockchain

Block Armour

Launched in 2017, Mumbai-based Block Armour offers a cybersecurity platform for unifying network access across enterprise and IoT environments. Using blockchain-based identity technology, Block Armour enforces zero trust principles to mandate trust, establish granular access, and defend against inside threats.

Hacken

Headquartered in Kyiv, Hacken was also founded in 2017 and offers solutions in three areas: blockchain security, penetration testing, and security assessments. For blockchain-based offerings, Hacken includes contract audits for Ethereum, Tron, EOS, as well as formal verifications, and blockchain protocol audits to ensure optimal security before deployment.

Hyland Credentials

Started as Learning Machine in collaboration with MIT Media Lab, Hyland Credentials has grown into a leader in providing blockchain-secure digital records to public and private organizations globally looking to issue blockchain records at scale. Utilizing their open standard Blockcerts, companies can transparently manage identities and activity on a real-time secure blockchain.

Chronicled

Custodian of the MediLedger Network, Chronicled first started deploying their blockchain platform in 2014 before zeroing in on life sciences in late 2016. With blockchain-enabled IoT devices, Chronicled helps industries like pharma, commodities, and precious metals to track supply chain activity. With more visibility into shipments, organizations can reduce counterfeiting.

The Intersection of Cryptocurrency and Cybersecurity

Cryptocurrency, also known as crypto coins, exists on blockchains unique to the coin. Starting with Bitcoin (BTC) in 2009, it’s the on-again, off-again hype of cryptocurrency that’s led the blockchain technology movement. Without a centralized authority, cryptocurrencies like BTC and Ethereum (ETH) offer a look into how coins could replace fiat currency in an increasingly globalized ecosystem.

Given the inherent risk and volatility of the cryptocurrency market, it’s fair to say most enterprises are sitting this one out. Still, how does the adoption of cryptocurrency as a form of consumer or B2B payment impact business processes and cybersecurity?

Cryptocurrency Risks for Coins

Some industry leaders and government authorities are warming to the idea of validating the worth of cryptocurrency. Like any other asset on the balance sheet, coins could be legitimate and valued holdings. This poses big questions about how organizations are adapting to a system where there is no central authority.

As blockchains are praised for being impenetrable, the greatest risks attached to coins are human error and platform vulnerabilities. Because transactions come from recognized devices, hackers only need to gain access to the coin holder’s wallet, or even their browser, to disrupt the user’s account. Attack vectors like phishing, third-party applications, and compromised registration forms remain the most pertinent to crypto traders.

Interested in learning more about securing crypto-assets? We offer best practices for wallet security and vigilance in NFTs: The Newest Collectible.

Sam Ingalls
