Uncontrolled blockchain adoption could blindsight IT security teams
6 July 2018
Much has been said about whether blockchain will be the saviour of cyber security or if it will come with its own chain of vulnerabilities that will give fresh headaches to cyber security experts. While the concept promises high efficiency while being cost-effective, a slew of cryptocurrency hacks over the past year has raised questions over its long-term viability.
Speaking to TEISS, Andy Herrington, Head of Cyber Professional Services at Fujitsu said last year that like any other new technology, blockchain could feature certain vulnerabilities and the same could take time to be fixed as users still had much to learn about how it worked.
“It is important to understand that no software or piece of technology is absolutely immune to issues and blockchain is still an emerging, albeit important and dynamic technology with new innovations emerging rapidly.
“For blockchain, one of the key problems is its dependence on new programming code which makes it difficult to identify flaws before they’ve been exploited. In addition, much investment has been made in meeting current regulatory and compliance frameworks based upon more traditional ‘ledger’ methods,” he said.
A report released by International Data Corporation (IDC) revealed earlier this year that blockchain, the new kid in the block, had truly caught the fancy of enterprises storing or handling vast amounts of data. The firm estimated that global spending on blockchain solutions could touch $2.1 billion in 2018, more than double the amount spent last year.
“The year 2018 will be a crucial stage for enterprises as they make a huge leap from proof-of-concept projects to full blockchain deployments. As a leader in blockchain innovation and integration, the US will continue to invest in blockchain throughout the forecast, spending heavily in financial services, manufacturing, and other industries,” said Stacey Soohoo, research manager for customer insights and analysis at IDC.
Explosive blockchain adoption could cause headaches to IT experts
According to security solutions provider RSA, such an explosive growth in the adoption of blockchain technologies could turn out to be a bane for enterprises as it will be difficult for their IT security teams to learn about vulnerabilities in blockchain technologies in such a quick time.
“There is evidence – particularly in financial services – that blockchain adoption is gaining momentum. If this is the case, then organisations need to be prepared for the impact this could have on their security operations teams,” said Azeem Aleem, Global Director – Worldwide Advanced Cyber Defence Practice.
“As with any new technology, hackers will look for vulnerabilities in how businesses implement blockchain, if not natively within technology itself. Any disruption or security breach due to a blockchain vulnerability could have a serious impact on operations. Organisations must take a business-driven approach to this new risk, so that advancement in one respect does not create risks elsewhere that could hinder long-term progress.
“Security teams must quickly understand the new ‘normal’ in their IT environment to detect suspicious behaviour faster. But this can be an extremely arduous process using traditional, log-based SIEM tools. Without proper configuration when feeding this new data into the SIEM, the result is often a flood of false positives that leave security analysts fire-fighting, while hackers slip by in the confusion,” he added.
Securing blockchain as essential as using it
According to RSA, enterprises must take security into account from the very early stages of any blockchain implementation, while also taking advantage of developments in behavioural analytics and artificial intelligence to support the secure adoption of new technologies.
It adds that enterprises must evolve their security information and event management (SIEM) systems to ensure they are able to analyse new technologies and learn more about them so as to implement blockchain safely and without having to worry about unwanted intrusions.
“As a first step, you should ensure that you have low-level visibility into what the technology is doing, which means feeding relevant log data from the blockchain into your SIEM. Once analysed over a period of time, the SOC team will be able to detect an anomalous pattern against a normal pattern of behaviour.
“According to 451 Research, organisations currently pass less than 30% of their data through a SIEM; this severely limits the SOC teams’ ability to identify and respond to threats. Yet data feeds are only part of the puzzle. Organisations must arm their SOC with the right tools to help detect and prioritise security events effectively.
“User and entity behaviour analytics and advanced threat metrics can provide vital context. Ultimately, greater visibility and more advanced threat detection will help organisations to mitigate risk, while also enabling faster adoption of new technologies – everyone wins,” the firm added.
Suggested reading: RSA’s CTO: Bullish on security, bearish on blockchain