Cybersecurity Blockchain- “Oh, the things you can find, if you don’t stay behind!”
Those words, uttered by Theodor Seuss Geisel, or as we know him, Dr. Seuss, still has the power to change the world, even with cybersecurity and blockchain technology. That’s right, I’ve brought the good ‘ole doctor into the house.
For those technology and blockchain enthusiasts, keep pushing forward, because this space is opening up a whole new world worth exploring. Granted, the path ahead may be blocked with silos, but nevertheless, it’s time to push them aside.
“And will you succeed? Yes, you will indeed! (98 and ¾ percent guaranteed).” —Dr. Seuss
National Cybersecurity Awareness Month
With October’s 15th anniversary of “National Cybersecurity Awareness” period at an end, our digital hygiene must remain top notch. Initiated by the U.S. Department of Homeland Security, October has now served for 15 years, as a time for everyone to educate themselves on new cybersecurity tips for the season.
“Supporters of this great initiative engage in activities to raise awareness around the importance of cybersecurity by educating businesses and consumers on industry trends, cybersecurity threats, and best practices.”
Yet, both Herjavec and I agreed that the industry currently reflects a vital need to monitor the strength of our digital infrastructure on a daily basis; not just yearly. But, with all of this blockchain talk, how can the technology help to strengthen our infrastructure?
If Dr. Seuss was still around today, the lessons he would teach, could help reduce a breach! So, I went to the experts at DLA Piper, and spoke with its Partners, Deborah Meshulam and Mark Radcliffe, also the head of the company’s new blockchain division. According to both Radcliffe and Meshulam, blockchain technology can help restore the integrity into the space.
Unfortunately, as Radcliffe pointed out to me, “the issue of data integrity is rarely discussed, and this new technology can help prevent attacks by detecting and deterring the unauthorized, undetected tampering of data.”
“The Blockchain can provide improved confidence about ‘identity’ of humans, such as Civic and Estonia’s citizen’s registry, as well as provenance of items and information, particularly in the supply chain and high-value assets,” Radcliffe explained.
“By implementing this technology, we are helping to protect the integrity of data by making alteration very difficult, and by rejecting data that is false or altered, without permission, in real-time.”
Radcliffe identified five real-world incidents where the utilization of blockchain technology could have helped significantly reduce and/or prevent them from occuring:
- An athlete’s “doping” data that was altered by “Fancy Bears”, and then released;
- Oil rigs drilling in the wrong place because location data was hacked;
- Counterfeit drugs passing as valid prescriptions with doctored tracking data;
- Corporate IT departments installing hacked software; and
- Patches that introduce security holes.
In essence, this technology helps reduce the risk of certain attacks like phishing, theft, and other unauthorized access crimes. With the Blockchain, a hacker’s ability to conduct an efficient attack, according to Meshulam, is “much harder, expensive, and time-consuming to achieve.”
#1—”One Phish, Two Phish, Red Phish, Run!”
Unlike Dr. Seuss’ “One fish, two fish, red fish, blue fish”, this story does not have a happy ending for its victim.
“Phishing” scams are the most prevalent, and often successful forms of cyber-theft in the space, specifically for the crypto-community. “Phishing”, is a cyber-attack that started in the early days of America Online (AOL), where a hacker would use a “disguised email” as a weapon to obtain login information. The goal is to ultimately trick the email recipient into believing that the message is something they want, need, or have seen before. Examples include an “email” from their “bank”, “friend/relative”, “office”, or even a familiar “vendor.”
But, instead of these hackers going after login information, they go after the crypto-community’s holdings, specifically targeting the keys to their cryptocurrency wallets. By implementing similar techniques of replacing a letter with something similar (replacing an “i” with an “i” with an accent), hackers make it seem as if a user or HODLr, is accessing the same destination they would as if they typed it in themselves. And, before they know it, the hacker now has control over their entire wallet. So, bookmark your site, and only visit it through that bookmarked link.
Another common attack, is the 51% Attack, that essentially overpowers the validators required to run a blockchain network. The Blockchain is difficult to alter because no single miner owns the majority of the network validation power, or hashrate.
But, with these attacks, once the attacker achieves the majority of the network hashrate (51%), the Blockchain becomes theirs, in some respect, allowing them to rewrite data however they see fit. This results in changing transaction history and re-routing transactions to their own personal wallets.