How Blockchain Is Transforming Cyber Security

Blockchain Is Transforming Cyber Security

Introduction

Computer technology and the internet have disrupted the old way of doing business. New revenue streams continue to come up, and business models of yesteryears are all but forgotten. But these changes are not without a price; technology introduces vulnerabilities in organizations and every individual with a connection to the internet, and these are exploited by hackers.

However, technology may, at last, have an answer to the menace posed by cyber criminals. As the strategies used by cybercriminals continue to evolve, security experts have turned to blockchain for a solution.

What is Blockchain?

Blockchain refers to a list of records, known as blocks, that are linked by cryptography. Blockchain has three main characteristics:

  • Decentralization. It is not owned by any one party.
  • Transparency. Hence data cannot be tracked, maintaining the privacy of transacting parties.
  • Immutability. Data inside a blockchain cannot be tampered with.

The cryptographic hash, which links the blocks, is highly resistant to attack and cannot be inverted or modified. This is good news for anyone who wants to store and share sensitive data, transact and maintain privacy.

Though blockchain was first invented for bitcoin, its features make it a suitable foundation for cybersecurity technologies.

In fact, large companies (and governments) are slowly warming up to the idea of adopting blockchain security. For example, in 2017, Lockheed Martin decided to adopt blockchain as part of its cyber security strategy. The company contracted Guardtime Federal, the world’s largest blockchain cybersecurity firm, to provide the service. Ron Bessire, VP Engineering and Technology at Lockheed Martin saw this move as a chance to “enhance data integrity, speed problem discovery and mitigation” and ultimately, speed up software development and delivery of final products.

The governments of the US, Britain, and China (among others), recognize its potential and have over the last few years funneled a lot of funding into blockchain research and development.

How Blockchain Can Transform Cyber Security

Blockchain Cyber Security

Although blockchain applies to all sectors, its role in cyber security is perhaps one of the most transformative. Blockchain plays the following role in cyber security:

Decentralization

Blockchain has disrupted centralized services. Centralized systems store all your data (or money in the case of banks) in a specific storage entity. The fact that all data in centralized systems is stored in one place makes such systems a target for hackers.

The client-server model is a good example of a centralized service. If you want information, you first search for it, the server where the information is stored is queried, and you receive your answer.

By decentralizing, blockchain ensures that information is owned by all the people in the network. More so, interactions are not dependent on third-party entities, such as in the case of traditional currency where you have to go to the bank. Where blockchain is concerned, you can transact without needing an institution.

Providing secure authentication

Authentication protocols such as passwords can be exploited and hacked. A lot of times, people use passwords that can be easily cracked. The use of password managers makes matters worse as more and more people now rely on password managers as storage vaults for all their security details. For instance, in 2017, serious vulnerabilities were identified on LastPass, a password manager, which left many users’ accounts and computers exposed. Had the loophole not been identified, hackers could install code into computers through the browser extension, allowing them to steal passwords.

Blockchain-based security systems authenticate devices and users through a distributed public key infrastructure, which relies on SSL certificates as opposed to passwords. According to Remme’s founder and CEO, Alex Momot, Blockchain makes authentication without password possible, through a combination of strong authentication and eliminating possibilities for single point of attack. Since certificate data is managed on the blockchain, hackers cannot generate or use fake certificates. More so, Remme’s two-factor authentication further bolsters security.

Blockchain security authentication is already in use in different sectors. For Instance:

In the health sector, Constitutional health uses Remme to protect against black marketers whose aim is to steal patient IDs for purposes such as insurance fraud and buying drugs illegally.

In the defense sector, Ukroboronprom, a Ukrainian body that manages enterprises with concerns in the defense sector, has partnered with Remme to grant its employees passwordless access.

Securing messenger services

Social media is at the center of most people’s lives and accounts for the majority of internet users globally. Due to their prevalence, messenger services such as Facebook and WhatsApp are now being used as payment services. However, these apps (and many other messenger apps) are vulnerable to hacking and social engineering. According to Peter McClory, Obsidian’s CEO, the encryption used by messenger apps doesn’t protect communication metadata effectively, meaning anyone can track parties to any communication. If an attack on these apps were to happen, it would expose billions of people.

Obsidian messenger app makes safeguards chats in the following ways:

  • It uses a blockchain decentralized database that cannot be controlled by a single entity.
  • Chats are protected from surveillance or interception because the system scatters digital footprint across the distributed ledger making it difficult to access it.
  • Additionally, with Obsidian, there is no need to link personal details such as email or phone number to an app. This protects users’ privacy.
  • The end-to-end encryption used by the obsidian app also allows safe and secure exchange of data and files.
  • Old files can be timed to auto-delete.

How to Get Started with Blockchain?

By now, you are probably wondering how to get into blockchain. Though this article is about the applications of blockchain in cybersecurity, the possibilities with blockchain are endless. Companies that are still in their early stages of blockchain adoption need qualified people and project managers to guide the transition. There is also a huge demand for engineers, designers, and developers, as they are key in app and system development and deployment.

Whatever career path you choose, it all starts with having the right knowledge. Certification will improve your career prospects. You can enroll in a Blockchain Certification course that will teach you about:

  • Blockchain platforms and how they work
  • Key concepts related to the blockchain
  • Bitcoin, Hyperledger and Ethereum and how they work
  • Multichain technology and scenarios surrounding its use
  • Blockchain integration tools as well as tools for the different currencies
  • Blockchain development

Even after certification, do not stop your quest to learn more about blockchain. Like all technologies, a lot of changes can happen within a short period of time, and you want to be ahead of the curve always.

In a nutshell, blockchain will continue to grow, and there is no time like the present to take advantage of what this means for the future.

By Maryanne Gaitho,

Maryanne holds a degree in Sociology and writes on a wide range of topics ranging from technology to business and social issues. She has a background in IT and Relationship Management having worked for a multi-national mobile manufacturer and a multi-national bank respectively and has been involved in several high impact social projects through NGOs. Some of the topics she has written about and that have been published include; cloud, big data, cybersecurity, project management, online Marketing and Salesforce.

Gary Bernstein
Secure Remote Authentication When employees are working remotely, they need to be able to access company resources and applications just as if they were in the office. This means that remote authentication needs to be ...
Dana Gardner
Just as cloud computing initially seeped into organizations under the cloak of shadow IT, application programming interface (API) adoption has often followed an organic, inexact, and unaudited path. IT leaders know they’re benefiting from APIs -- ...
Stacey Farrar
Document Migrations Require More Diligence Data creation has risen dramatically in recent years and shows no signs of slowing. According to analyst firm IDC, widespread remote work led to a spike of new data in ...
Gilad David Maayan
Cloud Security Posture Management Cloud Security Posture Management (CSPM) enables you to secure cloud data and resources. You can integrate CSPM into your development process, to ensure continuous visibility. CSPM is particularly beneficial for DevOps ...
Jim Fagan
Subsea Connectivity Digital transformation and the migration of data and applications to the cloud is a global phenomenon. While we may like to think that the cloud knows no borders, the reality is that geopolitics ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.