It is the need of the hour that the industries, economies and people are interconnected to each other. Both at the personal and commercial level, we are getting connected with multiple devices through computers, mobile phones, appliances, commercial equipment and the list goes on. This network of connected devices is called the Internet of Things (IoT). The industry is on the verge of an explosion of IoT products and services coming to the market. However, the benefits of being connected to the internet comes with risks that should be managed to insure that, social and economic advantages are not turned into a potential disaster.
Rapid increase in interconnectivity of personal, industrial and business systems have increased the vulnerability to cyber-attacks. According to the World Economic Forum, cybersecurity is one of the five most serious risks faced by the world today. No wonder most of the organizations in the world feel that they are more at risk of being attacked than a few years ago. High profile cases of cyber-attacks in the last few years have increased the demand for sophisticated cybersecurity solutions and companies across the globe have started to allocate more resources towards this domain to mitigate the risks. But is this really working out for them? The recent statistics of cyber-attacks do not say so. Rather, the incidences of cyber-attacks have seemed to proliferate, as cyber thieves are getting more prevalent by leveraging more sophisticated malware and building stronger organizations. So, does the biggest tech buzzword in last few years ‘blockchain’, come into the picture now?
Blockchain for cyber security
Many technical experts believe that blockchain could potentially improve the cyber security problems as the platform is based on mechanisms which are secure and transparent. A blockchain based cybersecurity platform can secure connected devices by using digital signatures to register them into the de-centralized network of computers. This information is highly de-centralized leaving no center point of attack for the hacker. Hence, to steal information from a blockchain network would be like a scenario in which the thief has to steal from thousands of banks simultaneously, without alerting anyone, which is practically impossible. And this the reason why no one in the world has been able to hack a bitcoin until now. More companies (mostly financial companies) are in a rush to implement blockchain technology because of its inherent resiliency to cyber-attack. Crypto-currencies are the biggest implementations of blockchain technology until now, but even they are facing certain problems in the implementation.
Current blockchain-cybersecurity scenario
Even if the blockchain technology projects a compelling proposition, there is still long way to go until it sees a serious enterprise adoption. Many domain experts agree that this technology has a lot to promise and it is marketed as a cure for cyber threats. But, currently, there are more problems caused than the solution blockchain provides.
According to an article published by Help Net Security, cryptominers displaced ransomware for the number one spot of ‘detected malware threat’ in the first quarter of 2018. Illegal mining of cryptocurrencies off the blockchain system is a trending cybercrime at the present. Mike Orcutt in his article for MIT Technology Review has pointed out the ways to cheat the blockchain protocols by multiple ways. One them includes cryptominers gaining illegal access to various computers and using their computing power to mine cryptocurrencies. In May 2017, a ransomware named WannaCry was used by the hackers to demand 300 bitcoins. Another in 2013, ransomware named Cryptolocker was used to demand bitcoins worth $65,650. Thus, it is becoming clearer that even with the blockchain technology, serious cybercrimes can still exists and rather than being a savior of cybercrimes, blockchain itself can be a threat. But, does blockchain have anything else to offer? Blockchain can certainly be applied to a new and emerging movement in cybersecurity, called ‘Threat Intelligence’.
What is threat intelligence?
Cyber threat intelligence is an advanced process which involves gathering valuable insights including mechanisms, context, indicators, actionable advice and implications about an emerging or existing cyber threat. It can be tailored according to a specific company’s threat landscape which will then help the organization to proactively maneuver defense mechanisms in place, prior to an attack. Cyber security experts say that the amount of data that is generated daily on cyber threats is growing exponentially and will help organizations to better understand and defend against the new threats which are discovered every day. Even if threat intelligence is a noble pursuit, there are some issues with it.
Current issues with threat intelligence
Threat intelligence is the information used by organizations to analyze the risks of the most common and severe external threats such as advanced persistent threats, zero-day threats, and exploits. But there exist some problems in the industry which includes companies spending duplicate time in researching the same threats, while the other threats go unnoticed. Also, it is observed that most of the companies often have an insight of only a particular subset, which could be a particular geography or an industry sector. Due to this, companies often have to pay largely for the overlapping information or may have a risk of missing threats that are relevant to them. The noble cause of threat intelligence was theoretically put forward to achieve a defense mechanism of ‘us versus the cyber threats’. But the way the current scenario stands today is more of ‘some of the privileged versus the cyber threats’.
According to a joint study by Phantom and Enterprise Strategy Group (ESG), 74% of the cyber security professionals ignore security alerts and events simply because they are too much to consume. The professionals cannot keep up with the security data overload. Ponemon Institute did a survey in which they found that almost 66% of IT leaders were not satisfied with the approaches of threat intelligence as the information was not timely. And 46% said that the information was not well categorized and has a room for improvement. A lot of these issues are thus clearly lined up for blockchain to intervene.
When a threat comes along, all the necessary information surrounding the incident can be confused, complicated and overlooked. But blockchain can effectively layout precisely what happened. Basically, blockchain can bring the world to a common consensus of “what exactly happened”. The most difficult task among different participants was to trust each other. Blockchain’s ability to form a consensus amongst the peers opens exciting opportunities in the fields ranging from supply chain management, asset management to threat intelligence. Blockchain can make the threat intelligence marketplace fairer and less unjustifiably competitive by allowing users to access data on the basis of its merits and performance.
However, it is essential to understand that blockchain is not a cure-all solution for cybersecurity needs, but is an important toolset for developers building next generation security applications. Blockchain will enable us to construct extremely robust and reliable records of events and will empower information sharing across the borders, by creating networks controlled by none, but verifiable and trusted by everyone.