Don't compromise security when exploring blockchain initiatives, organisations warned
If you mention the word blockchain at an event or networking soiree, there will naturally be a frenzy of activity; how is your business going to be transformed by it? How much are you betting on it? But is this rush to take advantage of the newest, shiniest object neglecting security?
According to new figures from RSA, traditional security information and event management (SIEM) tools aren't going to cut it with identifying 'new normal' behaviours associated with blockchain - leaving organisations vulnerable to cyber attack.
Take blockchain platform EOS as an example. Back in May, Chinese internet security company Qihoo 360 disclosed what was described as an 'epic' vulnerability potentially enabling hackers to control all network nodes. As RSA explains, the fundamental tenets of security and trust which make blockchain technologies so enticing are shifting the goalposts for IT security teams.
"Security teams must quickly understand the new 'normal' in their IT environment to detect suspicious behaviour faster. But this can be an extremely arduous process using traditional, log-based SIEM tools," said Azeem Aleem, RSA global director for its worldwide advanced cyber defence practice. "Without proper configuration when feeding this new data into the SIEM, the result is often a flood of false positives that leave security analysts firefighting while hackers slip by in the confusion."
It is all aspects of the ecosystem which can be affected. Platforms themselves are disrupted - while last month cybersecurity firm Carbon Black said that more than $1.1bn of cryptocurrency had been stolen in the first half of 2018. As sister publication The Block put it, it 'emphasised the ease and lack of skill required to commit cybercrimes' in this area.
RSA argues that as blockchain is uncharted territory for security operation centres (SOCs), all bases need to be covered. Log data needs to be fed from the blockchain into the SIEM tool, therefore giving security teams over time enough data to detect anomalous patterns.
"Organisations must arm their SOC with the right tools to help detect and prioritise security events effectively," added Aleem. "User and entity behaviour analytics and advanced threat metrics can provide vital context.
"Ultimately, greater visibility and more advanced threat detection will help organisations to mitigate risk, while also enabling faster adoption of new technologies - everyone wins."
- » Commoditising cybercrime: The rise of ransomware-as-a-service
- » Symantec acquires Appthority to help secure the modern endpoint
- » Get to grips with DevSecOps – and address security flaws much more quickly
- » CIOs fear IoT-related performance and revenue meltdowns, new research finds
- » WhiteHat Security reveals how enterprise security vulnerabilities are introduced via traditional applications