Since its conception, there has been lots of hype around blockchain technologies. Recently, there has been the emergence of practical solutions and applications that have significant potential in terms of cybersecurity: Validating identities; immutability and encryption; and the securing of IoT remain the largest promises of blockchain for the future of cybersecurity.
The first advantage that can be derived from using blockchain technologies is the ability to validate identities. In these cases, it is important to clarify the distinction between validating and identifying; the former refers to ensuring that a party is whom they say they are while identifying makes this public information. Currently, a third of ransomware attacks and over half of intrusions into information systems occur due to password hacks. Blockchain technologies provide a possible solution. Through non-custodial log-ins, passwords are no longer controlled by a central entity; by replacing these passwords with public and private keychains, it is still possible for the former entity to verify the identity of the person logging in without storing a large mass of confidential passwords that can be obtained by hackers. This truly passwordless technology is currently being attempted to be employed by companies such as REMME and Edge. Blockchain could be applied in this direction beyond the scope of the private sector. There are numerous possibilities for governance: validating the identity of citizens while maintaining anonymity could facilitate voting processes or protect critical infrastructure from unlicensed entry.
Secondly, immutability and encryption prove to be advantageous qualities for cybersecurity. The different consensus protocols of blockchain have pushed blockchain to the forefront of secure data storage. Through these mandatory checks, it is nearly impossible for a foreign entity to modify information stored in the blockchain; Hackers would need to modify 51% of the nodes at once to be able to change the information store. The immutability of this information is integral for cybersecurity as it can be used to ensure the integrity of information. However, this also has drawbacks. The immutability encompasses all, and even the correct entities cannot change entries once on the blockchain. Despite the fact that blockchain is known for its public blockchains and the transparency and decentralization that follows; Private blockchains provide a larger possibility for cybersecurity. Utilizing private keys where the public was used before allows for the users related to the transaction to be connected through updates to their ledgers, still leveraging the encryption provided. Third parties related to the transaction receive information on a “need to know basis.” This has been the premise of the Hyperledger project of the Linux group. As of current, an enormous threat in the cybersphere has been supply chain attacks, and utilizing this method of information sharing could reduce the attack surfaces between contractors and main entities.
Lastly, blockchain has great implications for cybersecurity in the realm of IoT security. The technology provided by blockchain would enable the devices used to obtain masses of data to be validated. Users could certify that the information being used within models comes from the respective device through “device identity protocols.” IBM Watson Platform has worked towards detecting tampered data by utilizing the concepts of immutability, transparency, auditability, data encryption & operational resilience. Transparency is a large factor when it comes to IoT devices, and blockchain seeks to facilitate this. Moreover, in order to gain access to applications and services, IoT devices must verify their identity. Blockchain could be employed in this area, similarly to the case of non-custodial log-ins. This would prevent unwanted entry onto IoT networks and limit false data from being propagated. Another direction that blockchain allows for IoT devices is autonomy. Through smart contracts, devices are able to maintain their own integrity and maintenance. This would remove the need for human interaction and would increase the number of IoT devices that could feasibly be managed.
In conclusion, the promise of blockchain is bearing fruit in cybersecurity. Successes in validating identities; immutability and encryption; and the securing of IoT is tangible proof of blockchain applicability to cybersecurity. However, it is likely that with the development of blockchain-related technologies, we will see further applications to cybersecurity.
by Leo Taalas