The hype and curiosity surrounding blockchain technology continues to prove a formative moment in the emerging 21st Century. Although the history of blockchain technology goes back further than many of us often realise, its more recent transition into mainstream conversation has been inspired not only by blockchain cryptocurrencies, but also this technology’s application in other areas of our online and digital lives.
Many of the headlines being made in this space are how the blockchain can enhance entertainment, art, media and the world of business – and these are fine examples. Yet each of these, and plenty else besides, is underpinned by the same need for cybersecurity that has been part of exploring the online world since the very first modem was ever switched on.
In a digital world in which everything seems urgent to be streamlined – yet only ever seems to be more complex – a drastic change is needed to protect our digital identities from those who would interfere with them or do them harm. As the rush to gather data for marketing, for research, for politics and even for criminal activity accelerates worldwide, what role can the blockchain play in cybersecurity for a new era?
The answer, it turns out, is a pivotal one.
Our collective attention has been twisted this way and that since the beginning of the new decade, with the word ‘crisis’ seeming to hang over every global event like an inescapable Sword of Damocles.
First there were natural disasters, then the international pandemic health crisis, then the crisis of armed conflicts in mainland Europe, and now the ongoing energy crisis and its unwelcome partner, the cost of living crisis.
Yet beneath each and every one of these dramatic events of the last few years has been the dark undercurrent of a far more sinister threat – one that affects almost each and every one of us, and can do untold harm if allowed to go on unpunished.
That is, of course, the cybersecurity crisis. With our attention so caught up in so many global affairs, we have had little opportunity to shore up our cybersecurity defences against scammers and hackers who are using the chaos of modern times to commit ever more daring and lucrative crimes.
The statistics do not make for comfortable reading. The average cost of a data breach to an organisation is US$3.86 million, and just over half of organisations affected by ransomware attacks will pay cybercriminals the extortionate fees that they demand to regain access to their files and data.
Global organisations are well aware of the threat that cybercrime poses, and do much to advise on cybersecurity best practices and intelligence to help business leaders to make more strategic decisions. Yet the harsh reality is that – like many industries – the cybersecurity sector is facing a remarkable labour and talent shortage all over the world.
The scale of the shortage? Perhaps three million cybersecurity experts or more.
The result is as if thieves are scaling the castle walls on every side, yet there are only two guards perched atop the ramparts. Online fraud, hacking and data theft are each growing trends, facilitated by the sophistication of the hacking community and the startling ease with which hacking tools can be readily found online for hobbyists – who may then be lured down the path of temptation.
Indeed, data breaches have now become such a regular occurrence in many of the world’s biggest and purportedly most trustworthy enterprises that it’s easy to feel numb when reading headlines about it all. Figures too vast for the human mind to really comprehend – millions of customer details leaked here, thousands of personal data files stolen there – have rendered the almost ubiquitous level of data leaks present today almost an accepted cost of the convenience of doing business online.
But should it be this way? Did we collectively build our online world, only for the moment in which we are the victim of a leak or a hack to become a question of when, rather than if? Is that truly worth the effort we have all invested – or is it giving up through collective societal exhaustion?
Muster some courage and dig a little deeper, and you begin to see how many of the flaws that make cybersecurity such a fraught industry today are inherently structural and foundational – issues that shifts to the likes of blockchain technology, enhanced by machine learning, AI and DMS, could easily solve.
The internet has changed the world forever – of that, there can simply be no doubt. Yet one has to wonder if those who first designed the online infrastructure on which our world now runs would have done things differently had they known about the cybersecurity crises of the 2020s, or the capabilities of blockchain technology as a backbone on which to build the great networking skeleton that would become the World Wide Web.
In truth, there are numerous ways and means that hackers utilise, inherent to our current online frameworks, in order to lie, steal, manipulate and wreak havoc.
An often embarrassing truth for many is that a number of the most successful hacks take place through social engineering – manipulating not the technologies in charge of cybersecurity, but the individuals within an organisation sitting at their computers and trying to get through an honest workday.
By presenting themselves as a trusted workmate, a confidant, a confused customer in need of assistance or any other masquerade you might imagine, a hacker is able to manipulate the people who are in charge of sensitive data within a company to either hand it willingly over, or let down the cybersecurity processes that would ordinarily protect such data.
From there, the cybercriminal is free to feast on what’s found to their heart’s content.
However, another key issue that cybersecurity professionals often overlook is the notion of revenge hacking. This is not something that requires a lot of advanced computer knowledge – it often involves an employee who is no longer with a given business using their still-functional credentials, or other knowledge of their former workplace’s systems, to cause mischief, commit pranks or make off with dangerous amounts of valuable data.
Another almost terrifyingly easy means of cybersecurity failure is physical hacking. This involves nothing fancy or technical, yet it relies on human error all the same. It could be as simple as a workmate having their office laptop stolen on public transportation, or as cunning as a criminal disguising themselves as a building maintenance worker or similarly inauspicious individual, walking into an ordinarily tightly controlled office environment, and simply picking up a computer full of data and walking out with it to decode in their own time later.
In all such examples, it is the human element that lets down even the most advanced of cybersecurity protocols. A company can invest in as much AI, DMS, machine learning and firewall technologies as it likes – but if human beings are still happy enough to hand over the means to bypass any and all of these protections, how much protection do they actually offer?
Compare these examples with a cybersecurity system powered by blockchain technology. Because so much of how the blockchain works relies on automation, AI and the notion of trustless transactions and data exchanges, the human element is removed – and with it, the capacity for human error or malicious attacks from spurned employees.
Remember also that the blockchain uses a form of data collation and coding that is inherently immutable. That means it cannot be tinkered with – a malicious employee could not alter a customer’s bank details to their own to make off with someone’s pension or mortgage deposit, for example.
Because blockchain cybersecurity is so solid against being altered without widespread consensus among a decentralised network, cybersecurity is enhanced by default. Not only is there nobody to call and try and persuade to change data to a hacker’s advantage, but such changes would be ignored by the distributed trust network without mainstream consensus anyway.
And even if that were to be circumvented, then what? The hacker breaks into blockchain cybersecurity to read… reams of unintelligible letters and numbers that are of no use to them. After all, the entire foundation of blockchain technology is its near indecipherable encryption.
A quirk of modern life that we all have witnessed, yet have done comparatively little about, is that every time a service like AWS or Cloudflare goes down, so does an alarmingly large amount of the internet.
The internet is enormous and vast, yet it is actually concentrated over a surprisingly small number of servers and other service providers from an international point of view. This attitude of centralism is also seen in how organisations collect, store and manage the data of their customers, vendors, financial reports and so forth – in a single file store area, either cloud or local, but nonetheless representing a singular point of focus for hackers and fraudsters to target.
This is a massive reason as to why so many data breaches, leaks of sensitive media, hoarding of stolen customer information and so forth are possible, no matter how effective cybersecurity and machine learning may become. If there is only one target, and countless ways of reaching it, then for a determined hacker it is simply a matter of patience, emergent tactics, adapting to new blockers as they emerge and, of course, time.
Considering this reality against the decentralised processes and networking that the blockchain presents as a cybersecurity solution, it becomes curious that we ever relied upon such centralised infrastructure at all. It’s as though we have painted a huge target or raised a bright red flag above key files and folders in our data storage frameworks, almost goading hackers and cybercriminals into trying to penetrate our cybersecurity defences.
It is this centralisation of online assets that enables cyber-attacks such as distributed denial-of-service (DDoS) attacks to wreak such havoc on online networks. By their very nature, DDoS attacks work by sending an overwhelming volume of traffic to a singular online location.
Because blockchain technology operates via an inherently decentralised framework, cybersecurity resilience against DDoS attacks is baked in by default. After all, were this not the case, why has nobody taken over Bitcoin and run away with them all by now?
In the same way, the storage of valuable and private data itself will not only be reinforced by incredibly complex encryption by default – compelling cybersecurity indeed – but also by decentralisation and distributed ledger storage solutions.
Couple this with the ongoing developments being made in DMS, AI and machine learning, and you essentially have a distributed blockchain network that not only demonstrates highly robust cybersecurity by the nature of its design, but can also evolve in tandem with the needs of its community – and in parallel to the developing conniving ways of cyber criminals.
It is a mammoth task, of course – essentially asking that we completely rethink the very way that we store, access and share online information. There will no doubt be hurdles to overcome in implementing blockchain technology for cybersecurity applications – yet with such abundant benefits to doing so, it is a question of when, rather than if, such radical solutions ought to be implemented.
Building the cybersecurity infrastructure of tomorrow needs to begin today.
With cyber-attacks growing in range, complexity, daring and sophistication, we simply cannot rely on the existing online and digital means of cybersecurity to protect our data.
The fact that we are moving ever more details of our lives online, yet are also experiencing ever more attacks, thefts and fraudulent actions against those very same sensitive aspects of ourselves, demands that we reinvent cybersecurity to better fit our modern era.
Moving blockchain forward to meet the needs of humankind is what inspires and motivates us at Mangrovia Blockchain Solutions. How best will we shape the future of blockchain cybersecurity together?
+39 02 45391390
|LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
|LinkedIn sets this cookie to store performed actions on the website.
|LinkedIn sets this cookie to remember a user's language setting.
|LinkedIn sets the lidc cookie to facilitate data center selection.
|LinkedIn sets this cookie for LinkedIn Ads ID syncing.
|This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
|The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
|This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
|This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
|This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
|Used to store information about the time a sync took place with the lms_analytics cookie.
|Stores the current language of the website.