Crypto-Currency Software Emerges as Tool to Block Cyberattacksby
Defense agency behind internet backs startups using blockchain
Security veteran McAfee sees safer future in blockchain ledger
The U.S. defense agency that helped invent the internet is now looking at blockchain, the database technology behind the digital currency bitcoin, to help protect the networks its research made possible.
The Defense Advance Research Projects Agency, an R&D arm of the military, has funded several startups and technology companies, such as Guardtime Federal LLC, while others including anti-virus pioneer John McAfee’s MGT Capital Investments Inc. are exploring or deploying the blockchain to identify and deter cyberattacks. Several new products should hit the market within months.
All of these companies are seeking to build on the strength of the blockchain, which lies in its ability to quickly verify the authenticity of data entries and the identities of people accessing them. That makes the technology a natural fit for the cyber-security software, hardware and services market, according to researcher Cybersecurity Ventures.
“Banks will be the early adopters and spend most heavily in this space,” said Steve Morgan, founder and editor-in-chief of Cybersecurity Ventures. “We expect billions of dollars to flow into the blockchain market over the next five years. Other industries will follow as the banks legitimize the technology.”
The technology can secure an organization’s network by placing the identities of all authorized users in the blockchain ledger, which continuously verifies them. In theory an unauthorized user is instantly detected. A blockchain can also continuously ensure that all the bits of code used to run a network are authorized and genuine, and that files haven’t been modified.
“There are whole categories of attacks that would be no longer valid,” said Tim Booher, a project manager at DARPA in Arlington, Virginia. “It would be like a warehouse where the guard checks every file cabinet every second.”
Booher said the blockchain would potentially take the teeth out of attacks such as code injection, which forces a computer to run a hacker’s code.
Good in Court?
The technology can also help companies collect evidence from a hack. An appliance sold by Guardtime Federal, based in Alexandria, Virginia, uses the blockchain database to track who is accessing what and when.
“The problem with a lot of systems today is that there’s no way of using the data as evidence in court,” David Hamilton, president of Guardtime Federal, said in an interview. “But when you have the blockchain, a digital notary of what happened on what date by whom, it makes it very hard for someone to say, ‘I didn’t do that.”’
That said, the blockchain is no panacea. It may need to be augmented with other technologies, analytics and employee training to protect companies and even the combination may not always work against attacks like phishing, for example, where an employee clicks on an e-mailed link and unwittingly grants hackers access to a network.
“There’s a lot of irrational exuberance around the blockchain technology, where people believe it can do many magical things,” Anil John, a program manager at the Department of Homeland Security in Washington, said in an interview. “There still needs to be a significant amount of effort put into a solution. The richness is not there, the performance is still to be worked out.”
Still, the approach may provide advantages over traditional security software, which can take days or months to detect a hacker’s presence. Most invaders spend 150 days on a network before they are discovered, according to Cybersecurity Ventures.
“Everyone is stuck on the anti-virus paradigm, and that no longer works,” McAfee said in an interview.
Paving the way for government use, DARPA has funded a handful of startups, such as Guardtime Federal and Galois Inc., to develop blockchain uses for secure communications, as well as potentially everything from weapons systems to files. The work should be completed within a year, Booher said. Some defense contractors are already demonstrating and deploying the blockchain, he said.
McAfee hopes to take the technology to corporate clients in June, when his 20-person startup will release a follow-up version of its software-hardware box called Sentinel, due out from the Harrison, New York-based company in mid-February.
Sentinel will use artificial intelligence to scan for unusual behavior, such as an employee suddenly working late and downloading large files, while the blockchain will track identities of people who should have access to a corporate network -- and immediately flag any unauthorized users, ostensibly before they have a chance to do harm.
Homeland Security has given out grants to startups like Evernym Inc. to see if the blockchain could be used to verify identities -- data such as the birthdates and citizenship of people undergoing airport checks, or the credentials of first responders.
The functionality could be ready for deployment by the end of 2017, said Drummond Reed, chief trust officer at Evernym. In September, the startup donated some of its intellectual property to Sovrin Foundation, which is developing a way for anyone to verify their digital identity using the blockchain.
“This is the biggest leap forward for cybersecurity infrastructure in 20 years,” Reed said.