Blockchain and Cybersecurity: A primer
https://www.youtube.com/watch?v=uc3sXoa6lUE
INTRODUCTION
Blockchain is an open and distributed technology that has been applied to many situations. It is typically used in finance, but it sees benefits in many areas. A block is a data structure with three components: data, the hash of the previous block, and the hash of the data and the previous hash. If the data changes in any of the blocks, the hash changes, and the chain breaks. Therefore transactions on the Blockchain are immutable. The Blockchain can provide cybersecurity solutions in many problematic areas.
THEORY
Since blocks in a Blockchain can never be modified, caution needs to be taken when adding new blocks. This is because modifying the chain of blocks would cause the integrity of all subsequent blocks to be affected.
Consensus algorithms can be either proof of work or proof of stake. Proof of work is a lot of computations that are done by miners on the Blockchain. Proof of stake is a lot of work done by owners of stakes in the Blockchain. Proof of work is resource-intensive, and proof of stake is not. This ensures that there is no central storage of data, which makes it ideal for cybersecurity needs. It also has advanced features which make it suited for today.
One of the ways Blockchain can be integrated into cybersecurity is to prevent fraud and identity theft. It can also be used to deter data theft by using distributed data storage. Data is stored in a way that prevents hackers from breaching a few computers and modifying just a few computers. However, this could only work if the hacker can compromise a significant number of computers with the copies of data.
Many companies are required to ask for more data than necessary to get services from them. These companies promise to keep the data safe, but hackers can find exploitable security gaps, like in the case of other companies. Blockchain can prevent identity theft by verifying that a customer is who they claim to be, through a decentralized identity system. This can be achieved by creating a universal system where all organizations can verify the identities of customers without necessarily having them transfer their sensitive details. This will reduce the possibility of compromise and make it expensive for hackers to steal user data.
Recent Implementations of Blockchain
Recent implementations of Blockchain in IoT, network, data, public key infrastructure, and data privacy were the most likely choices for security implementations. Research found that the focus of Blockchain security is understandable, as there are currently 9 billion devices which have weak security configurations. Research also found that many of these are being hacked and recruited into botnet networks. One such network is the Mirai Botnet, where IoT devices have been used with high rates of success against big targets such as Dyn DNS, one of the Internet’s largest domain name resolution companies. They are looking at ways to secure these devices by using Blockchain. Data storage is the second popular concentration of Blockchain cybersecurity research, in addition to public key infrastructure, due to the increased data theft cases where hackers can exfiltrate data belonging to billions of users. The interest in Blockchain security solutions is mainly around authentication since current network security measures can be compromised. Blockchain is also being explored for improving data privacy. The study mostly focuses on ways of authenticating users.
Blockchain technology can aid cybersecurity
Despite the existing security solutions offering commendable levels of protection, they still have vulnerabilities and are prone to failure. They are unable to operate independently, which is why hackers can easily target them and then proceed to attack the exposed IT resource, which was previously protected by a single tool. The main argument is that Blockchain technology can help improve security. The security tools are better off if they are distributed, because at least then they can offer protection.
The essential question is how Blockchain can improve the security of IoT devices, data, and networks. Blockchain security solutions could help manage access control and data sharing for all IoT devices more effectively. They can do this by ensuring reliable user identification, authentication, and data transfer. New connections could only be allowed if significant numbers of the trusted connected devices vote them in. An IoT device, such as an IP camera in a house, will only grant access to trusted devices of the household. If a hacker tries to access the camera, the Blockchain solution will prevent access until most of the trusted devices vote to allow the hacker to access the camera.
The biggest weakness in data security is the existence of a single point of failure or compromise. This leads to data theft, modification, or loss. The solution is to use blockchain for data security. Data that is shared on the blockchain is hashed and connected to the next block, making it impossible for third parties to modify it. Since only the parties in the communication can read and manipulate the data, any stolen data will be unusable, and third parties will also not be able to modify it. The solution also includes adding clustered network security.
Summary
Blockchain technology continues to evolve, and it has had some interesting applications in the modern world. One of the areas where it has been studied and applied is cybersecurity. The Blockchain infrastructure makes it highly practical in addressing the existing security challenges. The paper has evaluated the applicability of the Blockchain technology from the perspective of 30 researchers reviewed by Taylor et al. They have observed that most Blockchain security researchers are concentrating a lot on the adoption of Blockchain security for IoT devices. Alongside this, other major areas of Blockchain security are networks and data. As they discuss, the Blockchain technology can be used to secure IoT devices through more reliable authentication and data transfer mechanisms. These technologies would prevent hackers from breaching into the devices that often ship with poor configurations. The technology can also be used to secure networks by using the stringent infrastructure to prevent unauthorized connections and communication. Lastly, Blockchain can secure data in transmission and storage through encrypted blocks which can only be opened by the communicating parties and are not prone to manipulation. The technology is being studied for more use cases, but these three have taken center stage. It is recommended that future researchers investigate the practicality of a single Blockchain that can be used for developing security solutions since most of the current solutions use different Blockchains, hence hampering integration.
About the Author
Ron McFarland, PhD, CISSP is a Senior Cybersecurity Consultant at CMTC (California Manufacturing Technology Consulting) in Torrance, CA. He received his doctorate from NSU’s School of Engineering and Computer Science, MSc in Computer Science from Arizona State University, and a Post-Doc graduate research program in Cyber Security Technologies from the University of Maryland. He taught Cisco CCNA (Cisco Certified Network Associate), CCNP (Cisco Certified Network Professional), CCDA (Design), CCNA-Security and other Cisco courses and was honored with the Cisco Academy Instructor (CAI) Excellence Award in 2010, 2011, and 2012 for excellence in teaching. He also holds multiple security certifications including the prestigious Certified Information Systems Security Professional (CISSP) certification and several Cisco certifications.
CONTACT Dr. Ron McFarland, PhD, MSc, CDNA, CISSP
· CMTC Email: rmcfarland@cmtc.com
· Email: highervista@gmail.com
· LinkedIn: https://www.linkedin.com/in/highervista/
· Website: https://www.highervista.com
· YouTube Channel: https://www.youtube.com/@RonMcFarland/featured
