Blockchain is evolving into a more mainstream technology, and the market for the technology is growing rapidly. In 2017, the global technology market for blockchain was $339.5m. By 2021, this market is projected to grow to $2.3bn
It is clear many individuals and organisations from different fields are now looking at applications for blockchain that extend far beyond its origins in cryptocurrency and new financial models. Of course, banking appears to be the first major industry investing heavily in blockchain. But, as we are seeing, everyone from Microsoft to academia are exploring the technology's potential, and its implications to disrupt their industries. It's no surprise then that blockchain is now producing real implications for the cybersecurity field. As blockchain becomes the "invisible fabric" underlying online activities, it's important to ask how it might solve existing cybersecurity problems-or even create new avenues for attack.
How secure is blockchain technology and how effective is it against data breaches or hacking?
Blockchain is a secure technology. It is built on the foundations of cryptography and inherently protects modification of data. The underlying technology solves problems surrounding fraud and data tampering. This in addition to the distributed nature of blockchain makes it very attractive as a secure platform for many commercial applications. Therefore, it is not surprising that the first successful and commercial application of this technology has been on crypto currencies. At the same time, there are inherent vulnerabilities that come up on the applications that are built on top. This has led to well-known breaches in crypto currencies and wallet applications built on blockchain. We have seen multiple breaches across implementations including Ethereum, Nicehash andTether.
It is my view that applications built on blockchain have to go through a maturity curve to be secure and reliable. While blockchain is a secure technology, commercialisation will bring it under the aggressive scrutiny of cybercriminals. If there's one reality of the cybersecurity landscape, it's the constant evolution of attack and defence. The possibility of blockchain itself being breached is real.
How can Blockchain provide better security and reliability?
Blockchain provides distributed data storage, puts up additional safeguards to prevent stored data from being modified by unauthorised actors, and decentralises validation to prevent fraud. It removes many human points of failure and has many different applications and enables automation at many distinct stages of business processes.
In addition to this, blockchain deployments are evolving in terms of features. Bitcoin, the first version as an example was quite static. Ethereum added more features in terms of programmability and dynamic contracts. This evolution adds to insecurities. Today, we have many wallets built on top of blockchains. They are as secure as the quality of their code. If the application code is insecure, they carry all the insecurities of software hacks that can happen no matter how secure the blockchain is.
The learning from high impact breaches has led to initiatives for more reliable and secure blockchain deployments. There are two sides to this: one is all about following secure coding practices along with following the basics for protecting the inherent infrastructure that these applications run on. Infrastructure protection would mean access control, security monitoring, and vulnerability management to protect the infrastructure that is hosting blockchain. The other side of the coin is the evolution of blockchain technology itself with better architecture that minimises the effect of having to fork and create different versions that we have seen in the case of Ethereum and Bitcoin. The current generation of blockchain based technologies are being built for higher functionality with scale but without compromising security.
What impact can blockchain as a technology have on the information security landscape particularly for corporate and individuals?
I think blockchain will have a positive impact on cybersecurity. On the corporate side, it will make it easier to secure financial applications given that it can defacto manage data tampering with lesser effort. With the rapid evolution that is happening, many use cases that were difficult to secure will become easier. This is one of the reasons that a number of real time settlement systems are moving into private or public block chains. There are also innovative projects to build authentication infrastructure on block chain.
On the consumer side, there are initiatives to use blockchain for connected homes, IoT security, security of citizen information and many other schemes.
So, blockchain will definitely play a significant role in cybersecurity. Like any other new technology, there is hype around the impact. Blockchain cannot be a magic bullet solving all cybersecurity issues but has a significant role in making our digital economy a safer place.