Growth and evolution are two of cybersecurity’s defining characteristics. Mastering the subject requires more than just an understanding of the fundamentals. It’s equally important to understand how newer innovations, like blockchain, change the digital landscape.
What is Cybersecurity?
Before looking at the role of the blockchain in cybersecurity, it’s essential to define cybersecurity itself. The term cybersecurity covers many different topics. People often frame the subject around hacking, but cybersecurity also covers social issues like teaching employees to protect their passwords or to avoid running unauthorized software at work. Modern cybersecurity is the collection of practices that safeguard and secure computer systems. Computer systems in this context encompass everything from laptops to servers and even mobile devices.
Cybersecurity has become vital to business as professional spaces transition to digitally focused environments. Everything from a company’s finances to business strategies is now stored on computers. As such, anyone who hacks into a company’s computers can pick and choose to take anything from within it. So, how important is cybersecurity? It’s not hyperbole to say that computer security is as important as the business it protects. And digital currencies let hackers steal money from a company without ever needing to breach bank security.
What Is a Blockchain?
Given this new technology is groundbreaking, you might wonder how blockchain impacts computer security. However, before considering the intersection of computer security and blockchain, it’s essential to ask what blockchain is in the first place.
In simplest terms, the blockchain is a digital ledger filled with information – typically transactions. That description abstracts every essential part of the blockchain’s real-world inspiration. Verifications similar to signing your name on a legal document can exist within the blockchain. This is a critical element of the medium and is why it’s so important. The blockchain allows for uniqueness similar to your signature or fingerprint.
The ability to store digital fingerprints is an integral part of the blockchain, but that’s only the beginning. Next are the elements from which its name is derived. The blockchain is essentially a virtual, digital chain of blocks. Every block is a collection of those digital transactions or data points, and they’re all linked together by type. This is why you’ll see mention of different kinds of blockchains. The blocks within a chain are all of the same type. However, there are also many chains of blocks, each with advantages and disadvantages. Some focus on acting as a ledger, while others emphasize program logic, voting systems, or smart contracts. All of these elements are important in and of themselves. However, what makes the system special is the emergent properties gained by looking at them as a singular whole.
The system is decentralized. The data is distributed within points in the network rather than in a singular, potentially vulnerable position. Likewise, every block within the chain is cryptographically connected to the one that comes before it. Combined with that chain’s decentralized nature, the system is automatically secured against various potential vulnerabilities. Likewise, new data is added through an automated vetting system among multiple points. This, too, highlights the security born from distributed computing.
With this in mind, you can also see why it perfectly fits digital currency. Cryptocurrency needs to be unique, verifiable, and secure. The blockchain’s nature does that by default. However, cryptocurrency is only a tiny part of the more prominent technology, just as online stores are only a small part of the more extensive Internet.
What Is the Role of Cybersecurity in Blockchain?
So far, the blockchain has inherent protection from hackers and other digital threats. And you’d be right, at least to a certain extent. The various implementations of the blockchains do have intrinsic protections based on their underlying technologies. However, there has never been, nor can there ever be, a secure system. Even if technology were immune to hacking through computational means, it’d still be vulnerable to social engineering – manipulating people to fish for passwords and similar information. Likewise, a standard method of attack is to find why a secure element is inherently safe and remove that protection. An excellent example of such can be seen with the Ronin network hack.
The Ronin network is a blockchain implementation built on the popular Ethereum system for the Axie Infinity game. The game leverages the blockchain to store the creatures a player creates, modifies, plays with, and sells. The Ronin hack was performed by taking control of the blockchain’s validator nodes. The system’s validation required five out of nine nodes to register a transaction before approval. This is usually an inherently secure design as people aren’t likely to gain control of five different, heavily secured nodes within various environments. However, the Ronin network was more centralized than most blockchain implementations.
Sky Mavis, the Axie Infinity company, ran most validator nodes and worked with known parties to adjust for high network load. This load balancing was an issue as the temporary authorization for an additional node wasn’t revoked upon completion. As is often the case, human error proved to be the fatal flaw within an otherwise secure system. The hack itself is elaborate and works from multiple angles. However, the heart of the issue stems from administrators hobbling the system’s normal decentralization and their lack of prompt attention to authorization management on off-server nodes.
Ronin’s abnormally centralized implementation meant the hackers could gain the five validator nodes needed for verifications once a single location was compromised. A lack of automated security monitoring within the network worsened the situation. The culmination of those issues was a loss of over $625 million. The lesson for cybersecurity experts is clear. Work with a blockchain’s strengths and only implement something that would work to the detriment of those inherent qualities. Building on the blockchain’s strengths rather than reducing their efficiency is essential.
The BNB hack offers another excellent example of how hackers can bypass a blockchain’s security instead of directly fighting it. Blockchains use digital bridges to communicate with other blockchain implementations. These bridges typically need more security in either the source or destination chain.
Hackers were able to spoof verification for the bridge and, in doing so, gained the ability to mint new BNB tokens. The hack resulted in an initial loss of around $566 million tokens. However, Binance cybersecurity was able to move quickly enough to limit the total loss to $100 million. The team was also able to halt the blockchain’s validation system and suspend any additional processing until they could identify and fix the vulnerability. This highlights the importance of human cybersecurity experts implementing and monitoring automated security systems. The human element is always paramount for cybersecurity.
Want to Learn More?
IT careers have become essential not just in Austin & Killeen but globally, and there is no better time to pick up than now. In 2021, Austin was ranked #1 in Best Tech City for IT jobs by CompTIA, and the demand is only growing. Plus, cybersecurity is a key part of any IT career, and it is now included in CyberTex’s high demand IT program.
The Network Engineer Program at CyberTex prepares you for advanced computer networking and security jobs. You will learn the skills and abilities to set up, install, configure, repair, and manage modern computer networks and their security.
Contact us today to learn more about our Network Engineer program.