Today I had the pleasure of attending a Chertoff Group Conference, #TCGSecuritySeries. I was fascinated with the cryptocurrency discussion led by Jason Cook – Managing Director of the Chertoff Group. Panel members included Rich Baich, Executive Vice President & Chief Information Security Officer of Wells Fargo & Company; Dave Jevans, Chief Executive Officer at CipherTrace; and Mance Harmon, Chief Executive Officer & Co-Founder of Swirlds.
Below are just a few tidbits from this thought-provoking discussion.
What’s the big deal about cryptocurrencies?
- Cryptocurrencies fuel a multi-billion dollar economy
- In one year, if all continues on course, the cryptocurrency economy will represent more than a trillion Dollars – which has more value than Canada’s GDP. .
- The vast majority of ransomware is powered by Bitcoin
What’s important to know in regards to cryptocurrencies and security trends?
- The Darkweb is being used to sell your private data (credit cards).
- There is now a whole class of crime called data extortion. This entails the theft of customer data and private information., which cybercriminals then threaten to make public unless they get paid a ransom.
- One step organizations can take to address this threat is by developing a definition for an enterprise-grade consensus server for connecting organizations.
- From there, they need to implement that consensus server — a trust layer to go across the internet to connect the organizations and take advantage of improved security models.
A Few Surprising Facts about Blockchain:
- Blockchain, a digital ledger in which transactions made in bitcoin or another cryptocurrency are recorded chronologically and publicly, has real potential from a currency perspective, but there is no real production Blockchain project underway.
- If anyone wants to bring these systems into the open and transact for value, security is going to be a massive concern.
- If we move to blockchain, every bank will have to develop a security system that is just as secure as SWIFT (the current security solution used by banks to transfer money). This will be a huge challenge for banks.
- Cryptocurrency is the killer app for blockchain technology. There are potentially thousands of others.
The Biggest Digital Economy Security Concerns
- Distributed ledger technology is at the heart of the security concern because it’s the technology’s engine that acts like a database. There may be multiple ledgers, and one or more may act as the master. Copies are used for disaster recovery. If you make the copies a master as well, you are writing to both simultaneously. When you have a write conflict (two transactions come in simultaneously), then the community has to agree on the order to execute the transactions. You can take a master out of one organization and give administration to a different party. You can take all the masters and put them in control of many different organizations. They can run each securely.
- You should not be able to execute a DDOS attack against the network and bring it down.
- You should not be able to change the actual order of transactions and no one should be prevented from transactions.
- Protection of security encryption keys is also an issue. If you have the encryption keys, you can effectively become the transacting party.
A Few Words of Security Advice
Going forward, organizations and the security community will need to:
- Cultivate security education based on a deeper understanding of the threat
- Implement regular “reality checks” of their security and compliance posture.
- Thoroughly assess and prioritize risks and implement solutions and strategies for risk mitigation
- Develop a government body for the crypto economy – possibly like the Federal Reserve Board for world governments.
Thanks to the Chertoff Group, and Secretary Chertoff, for inviting us to this very interesting event in Palo Alto, California.
By Susan Thomas
Enjoy your read? Check out our other content here.