Blockchain refers to the technology behind the creation of Bitcoin.
It is a shared, reliable, trusted, public ledger of transactions which is accessible to everyone for inspection but which is not under the control of any single user. Blockchains refer to distributed databases in which a continuously growing list of data transaction records are maintained, and cryptographically secured from illegal revision and tampering.
There are two kinds of records in a blockchain database, transactions, and blocks. Blocks clasp batches of valid transactions that are hashed and also encoded into a Merkle tree. Each block contains the hash of the previous block in the blockchain, thereby connecting the two.
In 1991, Stuart Haber and W. Scott Stornetta described the first work on a cryptographically secured chain of blocks, but in 2008 an anonymous person or team known as Satoshi Nakamoto with the real identity cloaked in secrecy conceptualized the first distributed blockchain.
The bitcoin blockchain file size has been growing rapidly, in August 2014; it has expanded from 20 GB to over 100 GB in size.
There are three main types of blockchains, public blockchains, federated blockchains, private blockchains.
The protocols of Public Blockchains are based on Proof Of Work (POW) consensus and robust algorithm with open source, meaning everyone can participate in them and explore them. It also signifies that any interested person can download the code and begin running a public node on their local device and validate transactions in the network, thus effectively participating in the consensus process. Public blockchains also allow anyone in the world to read and use the network to send transactions and expect to see them added to the blockchain provided the transaction is valid.
Examples of Public Blockchains are Ethereum, Bitcoin, Dash, Monero, Dogecoin, Litecoin, etc.
Federated Blockchains or Consortium Blockchains
Consortium Blockchains is the type of blockchains which operate under a group’s leadership. Unlike in Public Blockchains, a person with an independent internet connection is not allowed to take part in the verification of transactions process.
Federated or consortium blockchains are faster and provide more privacy for transactions. They are mostly used in the banking sector, and the consensus process is strictly under the control of a pre-selected set of nodes. For instance, a consortium of 16 financial companies each of which is operating a node, and out of which 11 must sign every block for the block to be valid. Under this type of blockchain, the right to read the block may be limited to the participants only or open to the public.
Examples of Federated Blockchains are EWF (Energy), B3i (insurance), R3 (Banks), Corda.
These are blockchains where permission to read may be public or limited to an arbitrary extent, while write permissions are centralized to one organization. Applications that are allowed under Private Blockchains are likely to be database management, auditing, and more which are internally limited to one company, and may never require public readability.
Private BlockChains offers the benefit of setting up groups and participants for internal verification of transactions, and they readily comply with state regulations on data privacy rules.
Examples of Private Blockchains are Multichain, MONAX.
The use of the blockchain for bitcoin is widely known to be the first cryptocurrency to solve the double spending problem without the need of a trusted administrator, and because of this, it is the most commonly traded digital currency till date. The global blockchain market of bitcoin is anticipated to worth over $20 billion by 2024. With this wide expectation, one can easily ask this question: Is cryptocurrency the evolution of money? With the way bitcoin blockchain file size grew in the last years, it has achieved just that to become the first digital currency to fit in this definition for creating the question.
Linda Rawson, is the CEO, and Founder of DynaGrace Enterprises, (http://DynaGrace.com) which is a Women-Owned, 8(a) Minority, Small Business. She is also the author of The Minority and Women-Owned Small Business Guide to Government Contracts.
Cybersecurity worm hole
A vulnerability is a weakness which allows a cyber attacker to compromise a computer system’s information assurance.
As you can imagine, a vulnerability left alone can take a production system down to its knees causing a company millions upon millions of dollars. The sooner we, as a company know, about vulnerabilities that can affect our company the better. It allows software manufacturers to develop and deploy patches quicker.
Legislation last week was announced last week by a joint House and Senate Democrats and Republicans that seems to be the first response to the “ransomware” outbreak that occurred globally. It is believed that attack was initiated by a National Security Agency (NSA) hacking tool. The bill, referred to as the “PATCH Act” makes permanent the current Vulnerabilities Equities Process that discloses when the government tells us about software vulnerabilities.
Senators Brian Schatz (D-HI), Ron Johnson (R-WI) and Cory Gardner (R-CO) as well as Representatives Ted Lieu (D-CA) and Blake Farenthold (R-TX), introduced the Protecting Our Ability to Counter Hacking (“PATCH”) Act.
Currently, not all vulnerabilities are shared with the Vulnerabilities Equities Process, and certain vulnerabilities are guarded.
The following statement can be attributed to Andi Wilson, Policy Analyst at New America’s Open Technology Institute:
“One of the most critical components of a strong vulnerabilities review process is that it apply to absolutely all vulnerabilities in the government’s possession, not just the ones that the intelligence community chooses to put into the process. The PATCH Act presents an opportunity to make vulnerabilities review consistent and transparent, assuring government stakeholders, companies, and the American people that a clear set of rules is being used to decide whether vulnerabilities should be disclosed. Given the very real cybersecurity concerns of nondisclosure, it is imperative that steps be taken to improve the process for vulnerabilities review, and legislation like the PATCH Act is crucial in establishing confidence and trust in that process. OTI strongly supports the PATCH Act sponsors’ efforts to address the cybersecurity risk posed by government-stockpiled vulnerabilities, and thanks Senators Schatz and Johnson for their leadership on this issue.”
Cyber-attacks continue to be a significant threat to companies. It is nice to know the House and Senate are becoming aware.
Cyber Security is currently a real need. Businesses of all kinds involve sensitive information especially those of customers. As information is usually gained from cyberspace, businesses are not really safe. If the information gets into the wrong hands, the cyber breach could cause catastrophic damage. Also, one small cyber breach on an Industrial Automation facility and production grinds to a halt.
Businesses lose thousands, if not millions of dollars when production stops.
In the last two years the rate of cyber crime has exceeded, and in 2015 alone, there were about 781 publicized security breaches that resulted in the exposure of over 169 million personal records.
Sadly, this number is increasing one year after another.
Such kind of attacks take place when there is a loophole in the techniques and measures adopted for cyber security. Big names like Target, Harvard, and BlueCross have also been a victim of cyber attacks which is proof that none of the big businesses are safe from this threat of getting attacked through cyber.
Over the last 2-3 years, the rate of cyber attack and cyber criminals are getting faster and better at figuring out the wormholes, and sadly this has made it difficult for the businesses to keep up. The conventional protective software has trouble keeping sensitive data secure.
So what to do? IT executives have come up with some innovative strategies that involve automation as a defense tool against such kind of cyber attack and breach of cyber security. Nowadays, the threats have increased, and the IT people are up against constant and persistent attacks and these threats are led by automated bots.
These are intensive attacks and humans cannot keep pace with some such threats, and it becomes difficult to take decisions that trigger the immediate effect. This is the leading cause of automation being incorporated in cyber security. Automation is not powerful but efficient as well.
At the same time, some concerns also surround the aspect of automation in cyber security like:
Lack of Trust: A highly skilled employee would feel capable of giving a response to cyber attack compared to a machine. Not being able to trust technology tends to be a significant obstacle that is difficult to handle with an increase in frequency and complexity.
Change: Another misconception is automation shall replace human workforce. Automation does play a major role in changing how people worked before, but it is creating opportunities for them as well.
To address these perceived shortcomings, there are some significant advantages:
Enhanced Efficiency: With the help of automation, the workflows become more uniformed and streamlined. And the organization becomes stronger regarding cyber security.
Fewer Errors: Majority of the renowned cyber breaches were caused by highly overworked individuals with no harmful intention. Even the experts of IT can make mistakes, but these could be massively damaging with automation, this problem can be eliminated by eradicating some or all of the human involvement.
Better Decisions: Automation allows industries to gather, analyze and prioritize sensitive information that boosts the threat detection and cyber attack management process.
Cyber Security should be the top-most priority of every business/industry leader as the average cost of a cyber attack ranges from $38,000 to staggering $400 billion!
The strategies need to be revised and audited properly to check their efficiency if the business is to keep from becoming the next target.
Automation is rising as an excellent tool for strengthening, boosting and streamlining the response processes to a better defense can be created.
#cybersecurity #security #privacy #tech #hacking #infosec #iot #DDoS #cyber