In Blockchain There’s No Checkmate

In a game of chess, you can win by either taking out all of your opponent’s pieces one-by-one, or by trapping the opposing side’s king in a checkmate. This is true of today’s cybersecurity model. One piece, in the wrong place at the wrong time could cost the entire game. 

Not just that, but any device in a network, whether it be a phone or a smart fridge, is a “king” that can be trapped and cost the integrity of an entire network. In this way, the “king” is a weakness.

A weakness that costs companies and countries millions, a weakness that could mean loss of life in the healthcare industry or military systems, indeed, cybersecurity is not a game.

Fighting cyber-criminals whilst being constrained by the rules of this chess match means we’ll never win. The centralised model where the hacking of a single device could compromise a network is categorically flawed. This needs to change: we don’t need to play a better game against cyber-criminals, we need to play a different game. 

Blockchain technology is arguably one of the most significant innovations for decades, and it extends beyond the vestiges of crypto currencies. At its core, the Blockchain is immutable, transparent, encrypted and fragmented (decentralised). As such, Blockchain and cybersecurity seem like a match made in heaven and for the most part, they are. 

For instance, right now, all the data of our personal or business devices, passwords, applications, files etc, are stored on a centralised data server. Blockchain decentralises the systems by distributing ledger data on many systems rather than storing them on one single network.

There is no single point of failure, one central database or middleman that could potentially serve as a source of leaks or compromised data.

The underpinnings of Blockchain architecture are based on time-stamped cryptographic nodes (the computer and servers that create blocks on a chain). Every time our data is stored or inserted into Blockchain ledgers, a new block is created. Each block has a specific summary of the previous block in the form of a secure digital signature.

More sophisticated systems combine Blockchain and AI technologies to confirm each other based on previous signatures. If there is a discrepancy, threat, or a device steps outside of a set of pre-determined rules, the surrounding nodes will flag it for action. Since these blocks are linked in the form of a chain sequence, the timing, order and content of transactions cannot be manipulated. 

Just like crypto transactions, the Blockchain operates upon a democratic consensus. Any transfer of data would require a majority approval of the network participants; therefore, attackers can only impact a network by getting control of most of the network nodes. However, the nodes are random and the number of them stored on a given network can be in the millions. 

In the metaphorical game of chess, “the collective” Blockchain has an advantage. Imagine if team hackers could not eliminate a single piece, not a pawn nor rook, unless they could eliminate all million pieces on the entire board at once. If they fail to do that, all of the pieces remain untouchable – including the “king”. There is no checkmate, and no hope for hackers.

Even still, since domain editing rights are only verified through nodes, hackers won’t get the right to edit and manipulate the data even after hacking a million of systems.

As all transactions are cryptographically linked, the modification or tampering of the data at any given time would alert all those with access to the ledger, exposing the infected dataset near-instantaneously.

The Blockchain does not linger or rely on any central point of failure to command changes; that allows for fixes to occur before attacks have time to spread. In other words, hacking a Blockchain with any scale is virtually impossible. 

For instance, in the case of DDoS attacks that crash large data servers, Blockchain technology would disrupt this completely by decentralizing the DNS (Domain Name Systems) and distributing the content to a greater number of nodes. 

The idea is clearly an attractive one. It can help save the billions that are being spent on developing arenas in which cybersecurity firms are fighting the hacker’s fight, especially in hard to defend environments.

We have already seen a number of companies utilize Blockchain technology to safeguard networks. Companies such as Naoris bring this consensual Blockchain technology and link devices as blocks on a chain so that no single end-point or terminal exists in a silo.

Current structures with multiple devices each act as a point of entry for a hacker into the network, however, as we know, the more nodes a network possesses on the Blockchain, the harder it becomes to infiltrate. Therefore, as the network expands and more devices are connected, the network becomes increasingly more resilient.

This is only the beginning for Blockchain. As it develops, it's only going to get smarter and better. New technologies have the potential to provide a robust and effective alternative way of ensuring that we evolve to compete with concerns surrounding our security. With the Blockchain, such concerns can be a thing of the past.

Infosecurity:

You Might Also Read:

Blockchain As A Service Market To Reach $7 Billion

Blockchain In Plain English

« NATO Cyber Command Fully Operational In 2023
Microsoft, Amazon CEOs Vow To Continue Defense Work »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

SecPoint

SecPoint

SecPoint provides products to secure & protect your network from remote and local attacks.

Palo Alto Networks

Palo Alto Networks

Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate.

StoneFly

StoneFly

StoneFly offers High Availability, high performance cluster and scale out storage, and backup and disaster recovery appliances.

AML Solutions

AML Solutions

AML Solutions offer a full range of Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) services.

Steptoe & Johnson

Steptoe & Johnson

Steptoe is an international law firm with offices in the USA, Europe and China. Practice areas include Cybersecurity, Privacy & National Security.

OIC-CERT

OIC-CERT

OIC-CERT is the Computer Emergency Response Team for Organisation of Islamic Cooperation (OIC) member countries.

FraudHunt

FraudHunt

FraudHunt protects your website from account fraud, ad fraud, fraud clicks, and malicious bots.

Pryv

Pryv

Pryv is a Swissmade software for privacy, personal data collection, usage, sharing and storage.

Sigma IT

Sigma IT

SIGMA IT is one of the largest IT services organizations in EMEA region providing a full range of solutions and services including cybersecurity, data protection and business continuity.

e360

e360

e360 (formerly Entisys360) is an award-winning IT consultancy specializing in advanced IT infrastructure, virtualization, security, automation and cloud first solutions.

Alkira

Alkira

Alkira has reinvented networking for the cloud era by delivering the network cloud, the first global unified network infrastructure with on-demand hybrid and multi-cloud connectivity.

DataSixth Security Consulting

DataSixth Security Consulting

DataSixth delivers Cybersecurity Intelligence. With our unique capabilities, we’re able to deliver value, deliver answers, and deliver actionable security intelligence.

Vaultree

Vaultree

We believe in an encrypted tomorrow. Vaultree technology enables a foundational change in how we communicate with each other: Safely!

Resourcive

Resourcive

Resourcive is the first Value Added Sourcing “VAS” consultancy. We deliver strategic IT sourcing solutions to mid-market and enterprise clients.

Edgio

Edgio

Edgio provides unmatched speed, security, and simplicity at the edge through globally-scaled media and applications platforms.

Anjuna Security

Anjuna Security

Software from Anjuna Security effortlessly enables enterprises to safely run even their most sensitive workloads in the public cloud.