Blockchain has been turning heads since it was first unveiled in 2008 to become the backbone of then relatively unknown cryptocurrency, bitcoin. Since then, blockchain and Bitcoin have skyrocketed in public awareness, with the latter becoming the most successful cryptocurrency in history. A large portion of bitcoin's success is due to its blockchain infrastructure, which prevents the duplication of funds (preventing double-spending) and automatically time-stamps every transaction.
The developer (or developers) behind blockchain created the software to be resistant to alteration or hacking, making it one of the more inherently secure systems that companies can use to manage secure infrastructures. Some have heralded blockchain as the ultimate tool to promote cybersecurity and reduce the risk of data breaches.
Then bitcoin, in addition to several other cryptocurrencies, were hacked. According to CNN, the attack erased the equivalent of billions of dollars and sent the value of the affected cryptocurrencies plunging. The incident has many questioning just how secure blockchain is and whether the software was simply a temporary fix, like so many others, against the ever-present threat of cyberattacks.
"Blockchain can give each registered device a specific SSL certificate for authentication."
The case for blockchain
While buzzwords are common in the tech industry, there are several legitimate reasons why blockchain has been celebrated as a secure platform. According to Info Security Magazine, one of blockchain's primary appeals is its decentralized data storage. While users can access blockchain data on a computer or mobile device, the program itself is typically stored throughout the network.
If one access point – or block – is targeted by hackers, then the other blocks will react to it. The attempted cyberattack will likely alter the data on the block in a way that is immediately noticeable by the rest of the chain. This block will then simply be disconnected, isolating the malicious data before it can impact the system.
Another helpful advantage of blockchain is its effectiveness against dedicated denial of service attacks. These cyberattacks target the domain name system, flooding it with so much data traffic that it essentially shuts down. Using blockchain software would allow the DNS to spread its contents to more nodes, reducing the effectiveness of the DDoS attack before it reaches a crippling stage.
Networks using a blockchain infrastructure can also bypass the need for passwords in certain situations. Instead of using the human-oriented password system, blockchain can give each registered device a specific SSL certificate. This mode of authentication is a lot more difficult for outside sources to access, reducing the likelihood of a hack.
Removing dependence on passwords may sound less secure but it is actually seen as an improvement. Employees can be careless with their login information or choose passwords that can be easily deduced by third parties. Eliminating the human factor from authentication actually goes a long way by removing one of the most common exploit points.
However, no system is 100 percent secure.
The McAfee Report
While many companies preach the value of blockchain, global computer security software company McAfee recently released a critical report on the software, stating that industries have every reason to expect cyberattacks. McAfee looked at early blockchain adapters, namely cryptocurrencies, and studied the types of cyberattacks still occurring within these companies.
The report identified four primary attack types: implementation exploits, malware, phishing and general technology vulnerabilities. Certain cryptocurrencies themselves have been used to help the spread of advanced malware, including ransomware. Coin miner malware alone grew by 629 percent in the first quarter of 2018, according to McAfee data.
Cybercriminals have also been using cryptocurrencies to mask their identities, taking advantage of blockchain's secure features to help them evade the law.
What companies can learn from the cryptocurrency attack
Lastly, however, the attack of the cryptocurrencies themselves should highlight the limitations of blockchain. While the program may be innately secure, it is not an excuse to abandon other forms of caution. Technology is spreading at a rapid pace with information security specialists struggling to catch up.
In short, blockchain should be seen as just another tool and not a cure-all for cyberattacks. Its architecture can be helpful but must be implemented in a thorough, professional manner. Even then, it should also be paired with other programs and employee training to best reduce the risk of cybercrime.