Blockchain

Blockchain for cybersecurity

The blockchain is an invention whose ingenuity is out of the question and is credited to a person of a group of people by who goes by the name of Satoshi Nakamoto. Technically, blockchain is a decentralized ledger that is distributed across multiple computers. These computers comprise a peer-to-peer network and they are solely responsible for the verification of transactions that are carried out through the blockchain. Among other features, blockchain is anonymous and immutable which makes it incorruptible ensuring permanent storage of data and information free of alterations. Assuming that the anonymity of the developer(s) of blockchain is smartly tied to the anonymity of blockchain might not be far-fetched. Notably, the blockchain technology debuted in 2009, amidst the infamous economic meltdown. The financial institutions were the most hard hit by this economic crisis which made some assumptions that blockchain was created to remedy the shortcomings of centralization.

The assumptions that blockchain was developed to remedy the challenges in the financial institutions were not misplaced. This is because with blockchain came bitcoin, a digital currency that earned the name of digital gold following the rapid growth of its market capitalization. Just to mention, the market capitalization of bitcoin currently is well over $100 billion. Essentially, bitcoin is a decentralized digital currency which mean sit is not controlled by any central institution like say central banks. Notably, the economic crisis of 2008-2009 was largely blamed on centralization. Thus, it was fairly plausible to assume that blockchain was created to remedy the challenges in the centralization of various financial activities and services.

While blockchain was not received with much glamour shortly after its debut, it has become quite a sensation over the last 8 years or so. In fact, it has come to be learned that blockchain is not just good for the financial sector but for virtually every other sector. Over the years, use cases have been developed for bitcoin in the retail industry specifically supply chain management, law through smart contracts, tokenization of various items such as land titles, applications in voting, application in cloud storage services to mention but a few. Additionally, multiple startups have been created based on the blockchain technology and most of them are already engaging in real-world activities powered by blockchain.

The discussion on blockchain cannot be exhausted without citing cryptocurrencies. Cryptocurrency is the general term for digital currencies including bitcoin. However, digital currencies that have been created after bitcoin are collectively referred to as altcoins. Some examples of altcoins include Monero, Ether, Litecoin, Stratis, Ark, Dash and Monacoin. One of the things that have made cryptocurrencies attract the much attraction they have is the lucrative investment opportunity they offer. It is important however to mention that they offer a high return investment opportunity that also has quite a high level of risk attached to it. This attribute of the cryptocurrencies roots from the high volatility that characterizes the crypto market. Essentially, the underlying technology for all these cryptocurrencies is blockchain which means that without blockchain, they would not be in existence.

The use cases of blockchain are far from being exhausted. Having, given a slight overview of what blockchain is and what makes its revolutionary, let’s see whether blockchain can help solve the issue of data loss.

Blockchain for cybersecurity

Most of the existing companies understand the importance of having backups for data. basically, losing data see a company suffer major setbacks. Unfortunately, despite being knowledge of the gravity of data loss, some companies fail to take necessary measures to protect against such possibilities. This reluctance to take action has seen companies lose an estimated $1.7 trillion all as a result of data loss. EMCS Global Data Protection Index released some time back showed that most IT professionals are not prepared to evolve and adopt new categories of data. Moreover, 64% of companies involved in a recent survey admitted to having experienced significant data loss and data downtime.

Notably, the loss of the data is attributed to poor data storage infrastructure and inadequate data recovery measure. In fact, having sound and solid backup strategy in place could help resolve the issue of data loss by simply running a restore of an incremental backup from a few minutes before the breach. However, most companies lack robust and adequate backup solutions.

Conventional encryption for data-at-rest and data-in-flight relies on a versatile encryption algorithm, centralized encryption key management and thorough auditing that is meant to ensure that everyone is playing by the rules. This more of data security has been effective but not without material limitations that have seen users lose data or having cases of data corruption. Blockchain can eliminate the need for the third party in data sharing and improve the auditing capabilities for the organizations to help spot any threats as promptly as possible. Notably, blockchain has a self-auditing ecosystem that allows the network to reconcile the transactions in ten-minute intervals. Information is stored on the blockchain as blocks and a new block is added on the blockchain every ten minutes hence the ten-minute interval in reconciliation. In other words, the blockchain performs a self-audit as soon as new information is added as opposed to waiting for the information to accumulate.

Data loss often results from hacking. Technically, hackers often infiltrate a network days, weeks or even months before they access the database and exfiltrate sensitive data. To avoid being recognized, hackers often modify security logs to mask their footprints. Notably, most of these logs are often relatively simple text files which mean once accessed, entire sections can be deleted by a keystroke. Blockchain help avoid this by virtue of being distributed ledger. Just to reiterate this is how the peer-to-peer blockchain network works. Once any transaction is initiated on the network, the computers/nodes on the network have to reach a consensus to verify the transaction. Where a node is changed, other nodes detect this change and realize that they are not in agreement with the tampered ledger. Therefore, they automatically isolate the node that has been tampered with from the ledger consequently alerting the network administrators. Blockchain can be very effective in maintaining the integrity of security logs thus avoiding any form of breach.

Technically, one of the most efficient ways of detecting malicious activity in a network is through anomaly detection. Blockchain boasts transparency and accountability hence every time sensitive data is retrieved, the ‘who’ and ‘when’, are recorded on the distributed edger. Where the parameters used do not conform to the laid out norms, alerts can be registered with the company’s Security Information and Event Management (SIEM). If the activity is indeed found to be malicious, a response team can promptly shut the internal or external threat out of the network to reduce the extent of the damage.

According to IBM x-Force Threat intelligence Index, data breaches in 2016 reached record highs. Notably, over four billion records were exfiltrated in 2016 which was significantly higher than the data exfiltrated in 2014 and 2015 combined. Protecting user data protects the users alright but it has significant financial incentives to the businesses themselves as well and the global economy as well. estimates by the McKinsey Global Institute as of 2014 indicate that all forms of data flows have seen the worlds GDP grow by an estimated 3.5%. this is said to account for $2.8 trillion in annual revenues for businesses. Considering these statistics, it is no doubt that protecting data from corruption and loss is of paramount importance.

Essentially, the core algorithm of blockchain relies on two types of records namely transaction blocks and individual transactions. Recording data on the blockchain starts with the conversion of each transaction into a hash value by blockchains code. The hash values are then combined in a hash tree or Merkle tree, with a specific group of hashed transitions to create a block. Each new block is assigned a unique hash which includes the hash of the preceding blocks timestamp and a header. The fact that a new block contains the feature of the preceding block means that both of them are linked thus creating first links of a chain. Consequently, the fact that the chain is created using the information from each block, the links are immutably bound together. This simply means that if one was to hack the data on the blockchain, they would have to hack all the blocks registered on the block and do so within 10 minutes. After 10 minutes anew block is added. How hard can it be?

The blockchain revolution is just in its infancy stage yet it has proved to be an effective and reliable technology for multiple applications. Venture capitalists across the globe have invested heavily in research and development of blockchain technology. Blockchain promises to address various vulnerabilities in data security which has given more reason to invest in further research and development. The US Congress has also taken notice of blockchain and this is evidenced by the launch of Congressional Blockchain Caucus. On reaching full maturity, the use of blockchain to prevent data loss will become more apparent.