Placed under a constant barrage of attacks from cybersecurity threat actors, the financial sector is in dire need of a new solution that can provide a secure framework for their data, capable of putting them on an equal footing with malicious actors that seek to profit. Among the few that can answer this call for help is blockchain, a relative newcomer to the tech scene that demonstrates that it can leverage its suite of inherent benefits to block a series of attack vectors.
Find out how Modex Blockchain Database (BCDB) combines traditional data storage systems with a blockchain backend to help struggling financial institutions safeguard their most valuable asset, their data, and how it can mitigate cyberattacks before they even happen. Modex BCDB does this by connecting to a bank’s IT infrastructure through a set of custom connectors.
The cybersecurity threat landscape has evolved at an alarming pace in the past decade. Using new technology to exploit the vulnerabilities of existing systems, attackers seem poised to systematically dismantle the security systems of banks and other financial institutions in a bid to extract funds and put a halt to operations. But in this context, technology is a two-sided coin or a double-edged sword. Regardless of which analogy you prefer, the idea is the same: financial institutions can put new and innovative technology to good use to build stronger and smarter data infrastructures that protect data records and subsequently their customers’ interests.
One of the major shortcomings of the traditional cybersecurity environment stems from the fact that it has evolved to adopt a reactive stance to the agenda of cyberthreat groups, producing security tools and countermeasures that are implemented after an attack has occurred. Unfortunately, due to the increase in sophistication, complexity, and aggressiveness of the newer generation of cybersecurity threats, once an attack has successfully hit its target, most of the damages cannot be undone. Maybe it’s time for a proactive approach enabled by blockchain technology, through which financial institutions can narrow down the range of attack vectors that malicious actors can employ.
What is blockchain, and why is it compatible with financial institutions?
The concept of blockchain was first unveiled to the world through the Bitcoin whitepaper in 2008. Initially acting as the backbone for the first truly decentralized cryptocurrency, Bitcoin (which has slowly entrenched itself as the preferred method of payment requested by cybercriminals), blockchain evolved into something much greater, managing to overshadow its initial purpose and becoming a hot topic for tech enthusiasts, companies, savvy entrepreneurs, and CISOs who seek to use it as a foundation for a new type of data haven.
In the more than a decade since the technology entered the market, it has firmly positioned itself in the limelight, gaining significant support and following. Even so, there is still much confusion over what blockchain is and how it differs from the technologies that preceded it. Blockchain is a distributed incorruptible ledger of economic transactions that can be programmed to record virtually any type of data that has value. A type of distributed ledger technology (DLT), blockchain is a digitized, distributed database that records all the information introduced in a decentralized peer-to-peer network.
The created database is then replicated and shared among the network participants. This means that all members have access to the information, which provides a highly transparent environment. When talking about blockchain, one should envision an ordered list of blocks, where each block is identified by its cryptographic hash. Every block is arranged in such a way that it references the block that came before it, which leads to the creation of a chain of blocks (hence its name). When a new block is created and appended to the blockchain, all the information contained by the new block will be available to every member of the network. Once recorded, the data in any given block cannot be altered retroactively without the alteration of all subsequent blocks.
Codifying the cybersecurity threats to financial institutions
Cybersecurity threat is an umbrella term used to describe a large spectrum of attack strategies that can drastically differ in approach and end goal. Contrary to common belief, recent attack patterns suggest that the groups behind them no longer limit themselves to compromising sensitive data, preferring instead to cut their initial financial gain and focus on disrupting the business flow of financial institutions by biding their time and striking at the right moment. As such, based on the objective of the malicious actors behind the cyberattacks, the economic consequences of a cyber event can spill over to customers and business partners, as the infection spreads from system to system.
In its standard form, blockchain technology presents itself as a new type of distributed and decentralized data infrastructure capable of guaranteeing trust that the information stored on the network has not been tampered with. Building on the foundation of trust provided by the default iteration of blockchain technology, Modex BCDB provides additional functionalities and features like data synchronization policies, access control mechanisms, and on-demand encryption at the field level, all while maintaining the familiarity of working with a traditional database engine. As an agnostic technology, Modex BCDB is compatible with an extensive list of database engines and blockchain frameworks, which gives financial institutions, regardless of their tech infrastructure, the ability to seamlessly integrate a blockchain backend into their existing systems, making them resistant to cyberattacks that target data confidentiality, availability, and integrity.
Traditionally, cybersecurity threats such as ransomware focus on encrypting sensitive data, effectively blocking companies from accessing their information without the decryption key. Recent attacks demonstrate that the groups behind these types of attacks changed their approach to put additional pressure on financial institutions by also exfiltrating the data that they manage to encrypt. Also known as data extrusion, data exportation, or data theft, data exfiltration is the unauthorized copying, transfer, or retrieval of data from a computer or server. Data exfiltration is a component of a larger family of security threats commonly referred to as data breaches.
A data security breach is an intentional or unintentional security violation where sensitive data is accessed, copied, and transmitted to an unauthorized external party who may use it for their benefit. The type of data targeted by attackers ranges from financial information like credit card or bank details, social security numbers, personally identifiable information, health records, corporate trade secrets as well as any type of intellectual property.
Data breaches have existed long before the digitalization of the business and enterprise environment. But since financial institutions have migrated their services to an online environment, and mobile banking has become deeply ingrained in our lives, financial services providers have come to rely heavily on internet-connected devices, which generates an increase in the number of exploitable access points that lead to data breach occurrences. As such, data breach prevention strategies have become an integral element in an organization’s ability to manage and protect sensitive data.
How does Modex BCDB ensure data confidentiality?
As data breaches are becoming more prevalent in cyberspace, ensuring data security has become a top priority for companies, financial institutions, and enterprises in general. The most common method to ensure data protection is through encryption, a process through which information is transformed into ciphertext, an unintelligible block of text that can be decrypted only with the correct decryption key. For decades, data encryption has been an important line of defense in cybersecurity architectures because even if data is intercepted by malicious actors, a complex encryption algorithm can block attackers from deciphering the content of the information.
Modex BCDB enables companies to tap into the potential of blockchain technology to store their database entries into a secure tamper-proof blockchain ecosystem. The infrastructure of the BCDB system was designed with security in mind. To enhance the security capabilities of a standard blockchain network, Modex BCDB comes with a default data encryption mechanism that removes the need for programmers to write new code to encrypt data. To enhance user experience and add a layer of flexibility to the BCDB environment, users have the option to enable automatic encryption at the field level. As such, any new data inserts are automatically stored in an encrypted format.
Cybersecurity tools tend to focus mainly on preventing external attackers from accessing, destroying, or corrupting sensitive data. But more often than not, an equally devastating type of cybersecurity risk, namely the internal kind, does not receive the attention it deserves. Internal data leaks are the most common type of data breach, and they usually stem from employees. Although there are occurrences when an employee goes rogue and willfully sabotages the company, most of the time it is purely accidental, being the result of a phishing attack or an accidental infection with hidden malware. Regardless of whether it was intentional or unintentional, the damage to reputation and profits is the same. To mitigate internal data leaks, companies employ strict internal policies and data access mechanisms to restrict access.
Modex BCDB makes use of blockchain’s beneficial characteristics and unique design choices to lay the foundation for a new type of tamper-resistant data ecosystem. Blockchain achieves tamper resistance due to its data storing mechanisms and extensive use of cryptography and hashing functions. Hashing is a process through which data input is passed through a hashing function to obtain a hash digest, also referred to as a checksum, a fixed-length string of characters that acts as a unique identifier. In the world of data security, hashing brings several major benefits. Firstly, each input gives, for all practical purposes, a unique hash digest: with a cryptographic hash function it is computationally infeasible to find two different inputs that produce the same digest. Even if only one byte is different between two seemingly identical files, the resulting outputs will be completely different. Secondly, a hash digest cannot feasibly be reversed, which means that you can’t determine the original input from the hash digest.
Availability focused attacks aim to interrupt the ability of a financial institution to access their data records. The most common and widespread type of availability attack is ransomware which is a type of malicious software that prevents users from accessing their system or personal files and demands a ransom payment to regain access. Over the past decades, ransomware has become one of the most prolific criminal business models in the world, because cybercriminals usually target high profile financial institutions, corporations, and even governmental organizations. Ransomware works by locking a victim’s computer through encryption and demanding a substantial sum of money for the decryption key necessary to decrypt the data. Depending on the group behind the ransomware, failure to comply with the demands may initially lead to an increase in the ransom and eventually to a permanent loss of the data, or new attacks based on the user base stolen from the previous attack.
The degree of data availability as well as the overall susceptibility of a system to data availability attacks is strongly correlated with the type of system data records reside in. The prevalence of siloed, centralized data structures in the financial sector already places financial institutions at a disadvantage by giving malicious actors a single target, a single point of failure that disables the whole system if it is compromised. By this rationale, blockchain gives companies a head start through its decentralized and distributed nature.
Modex BCDB preserves data availability
A major advantage of the Modex BCDB solution is that it enables centralized legacy systems to make the transition to a decentralized, distributed model without requiring a complete infrastructure overhaul. With a plug and play approach, Modex BCDB can connect to a bank’s IT infrastructure through a set of custom connectors. Once positioned between the application server and database engine of the company, the BCDB software acts as a liaison that connects the existing system to a blockchain backend.
Decentralization and distribution are core blockchain features that can significantly enhance the security of financial institutions, making them less susceptible to availability-oriented attacks. Decentralization means that the network does not rely on a central server to host all the data, but distributes it across every network participant, also known as nodes. A blockchain network is composed of multiple types of nodes that perform different functions; full nodes, for example, store a copy of the entire blockchain. As a result, the system doesn’t have a single point of failure. If a node is compromised, sysadmins just have to address the vulnerability that allowed the malicious user to access the network and restore the node to its previous version, or they can simply cut out the node entirely from the network.
In case of encryption by ransomware, the attacker would find it impossible to hold all the data hostage because the entire network is distributed among thousands of users (even more depending on the size of the blockchain). Even if they manage to encrypt a node, admins can address the vulnerability that allowed the attacker to enter the system and restore the node to its previous version by pulling data from other nodes in the network. It is safe to assume that a blockchain-powered database can be an ideal solution to ransomware or other types of data availability attacks.
Data integrity attacks, also referred to as data manipulation attacks, are a type of cyberthreat that aims to undermine trust in the data records stored in the systems. Typically, in an integrity attack scenario, an unauthorized party gains access to a data system and manages to successfully alter data records without alerting authorized users and sysadmins. Paired together with the fact that many companies tend to neglect the importance and usefulness of data activity logs, many such attacks go unnoticed until the problem escalates even further, translating to financial damages, disruption of operations as well as the risk of compromising business partners.
As NATO has officially defined cyberspace as the fifth domain of warfare, state sponsored cyberattacks no longer seem the stuff of movies. Foreign factions may attempt integrity attacks on key financial institutions such as banks, and stock exchanges in an attempt to destabilize a country and cripple its economy. In late 2015, the US Director of National Intelligence James Clapper warned that integrity attacks will become more prevalent as they have the potential to create a snowball effect that will gradually generate more damage as they remain undiscovered: “While most of the public discussion regarding cyberthreats today is focused on the confidentiality and availability of information, in the future, however, we might also see more cyber operations that will change or manipulate electronic information in order to compromise its integrity (i.e., accuracy and reliability) instead of deleting it or disrupting access to it.”
Modex BCDB guarantees data integrity through blockchain-enabled immutability
Year after year companies spend billions of dollars on cybersecurity solutions to protect their data from external tampering. Besides cybersecurity measures, financial institutions, businesses, and enterprises rely on third-party auditing firms to guarantee that their data records are accurate and resolve any eventual disputes. Although an efficient line of defense, auditing firms charge a significant fee for their services, but more importantly there is the question of who verifies the auditor. In the end, companies are still required to place their trust in an external party to whom they must give access to their data.
Data integrity is directly related to the readability and trustworthiness of database records. In legacy systems, ensuring data integrity entails constant maintenance and frequent backups to guarantee the accuracy and consistency of data during its life-cycle.
The Modex BCDB solution provides a blockchain-powered alternative to this model. By combining cryptography with hashing algorithms, blockchain ensures data immutability, a feature that brings unprecedented levels of trust to the data owned by financial institutions. In turn, immutability provides data integrity which drastically simplifies audit processes, while providing proof to stakeholders that the information has not been altered.
Through minimal changes, Modex BCDB integrates between a company’s database and application server to grant access to a blockchain backend, an environment resistant to modification and external tampering. Blockchains are highly valued for their ability to guarantee data immutability and integrity, which they achieve by storing a digital signature of the information present in the database in interdependent structures called blocks. Unlike traditional database engines, blockchain is an append-only structure which means that information can only be added to the network but never deleted. At first glance, this may seem troublesome because it may lead to the accumulation of redundant data, but in fact, this feature acts as a timekeeping mechanism for the data, as it creates an exact historical record of each version of the data, providing useful information like when it was modified, how it was modified and who modified it.
Access to a complete and incorruptible ledger of all the data that was introduced in the system places financial institutions in a position of power, as external actors will find it nearly impossible to modify data records without the system rejecting any unauthorized modifications. Furthermore, once data is validated and appended to the chain of blocks, it is distributed to every full node and partial node. This architectural design is what ensures blockchain’s near-real-time backup capabilities.
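The hash chaining and append-only versioning described above (each block referencing the one before it, every version of a record kept with who changed it and when), as an added Python example; it is not Modex BCDB code and does not come from the original article. The block layout, field names, sample records and the `trusted_head` value standing in for the head hash that other nodes agree on are all assumptions made for illustration.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # constructed predecessor value for the first block

def block_hash(index, prev, payload):
    """SHA-256 over a canonical JSON encoding of everything the block commits to."""
    body = json.dumps({"index": index, "prev": prev, "payload": payload},
                      sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(body.encode("utf-8")).hexdigest()

def append(chain, record_id, value, author, ts):
    """Add a new version of a record; existing blocks are never modified."""
    prev = chain[-1]["hash"] if chain else GENESIS
    payload = {"record_id": record_id, "value": value, "author": author, "ts": ts}
    chain.append({"index": len(chain), "prev": prev, "payload": payload,
                  "hash": block_hash(len(chain), prev, payload)})
    return chain[-1]["hash"]

def history(chain, record_id):
    """Every stored version of one record, oldest first (what, who, when)."""
    return [b["payload"] for b in chain if b["payload"]["record_id"] == record_id]

def verify(chain, trusted_head=None):
    """Return ("ok", None), ("broken", i) for the first inconsistent block,
    or ("head_mismatch", None) when the chain is self-consistent but does not
    end in the head hash reported by an independent replica."""
    prev = GENESIS
    for i, b in enumerate(chain):
        if b["index"] != i or b["prev"] != prev:
            return ("broken", i)
        if b["hash"] != block_hash(b["index"], b["prev"], b["payload"]):
            return ("broken", i)
        prev = b["hash"]
    if trusted_head is not None and prev != trusted_head:
        return ("head_mismatch", None)
    return ("ok", None)

def rehash_from(chain, start):
    """Recompute hashes and links from block `start` onward (models a full rewrite)."""
    for i in range(start, len(chain)):
        b = chain[i]
        b["prev"] = chain[i - 1]["hash"] if i else GENESIS
        b["hash"] = block_hash(b["index"], b["prev"], b["payload"])

def sample_chain():
    """Constructed sample data: three versions of one balance plus another record."""
    chain = []
    append(chain, "acct-1001", 500, "teller-a", "2024-01-05T09:00:00Z")
    append(chain, "acct-2002", 75, "teller-b", "2024-01-05T09:05:00Z")
    append(chain, "acct-1001", 450, "teller-a", "2024-01-06T14:30:00Z")
    append(chain, "acct-1001", 900, "teller-c", "2024-01-07T11:15:00Z")
    return chain

if __name__ == "__main__":
    good = sample_chain()
    head = good[-1]["hash"]                      # head hash the honest replicas hold
    print(verify(good, head), len(history(good, "acct-1001")))
    edited = copy.deepcopy(good)
    edited[1]["payload"]["value"] = 7500         # in-place edit, stored hash now stale
    print(verify(edited, head))
    edited[1]["hash"] = block_hash(1, edited[1]["prev"], edited[1]["payload"])
    print(verify(edited, head))                  # next block's link no longer matches
    rehash_from(edited, 1)                       # every later block rewritten as well
    print(verify(edited), verify(edited, head))
```

The last case is the one to note: a copy rewritten from the edited block onward passes the internal check, and only comparison with the head hash held by other nodes exposes it, which is why the replication described above matters as much as the hashing.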
Modex BCDB brings blockchain to the cloud
Cloud-based security has been a game-changer for software developers and companies that amass a large amount of data that needs to be stored in a secure environment. Over the years, cloud storage has demonstrated that it can provide a reliable and flexible environment for companies to store and organize their data infrastructure at an affordable cost, with the added benefit of removing storage-related limitations.
Although it presents itself as a viable alternative to traditional on-prem data storage, cloud computing is susceptible to a series of vulnerabilities that can compromise a client’s data. Due to its software as a service nature, cloud computing entails a shift in control over the data from the client to the service provider which brings the risk that sensitive data can be compromised by an admin or other external attackers.
A large segment of financial institutions has slowly started to migrate to a cloud infrastructure because of its ability to cut data storage expenses, increase system uptime, and ensure that their data is being stored securely. The problem is that with so much financial information stored on the cloud, cloud service providers have become a tantalizing target for attackers. The global hacking campaign known as Cloud Hopper has shed light on the risks and dangers associated with compromised cloud data. In the Cloud Hopper incident, attackers known as APT10 gained access to cloud service providers that stored valuable corporate and financial information. Once attackers managed to successfully penetrate the cloud infrastructures, they were free to hop from client to client, evading investigators’ attempts to eliminate them for years.
The Wall Street Journal conducted an investigation on the subject matter which highlights the fact that a dozen cloud providers have been affected by Cloud Hopper. To further aggravate the situation, cloud providers refused to communicate to clients what was happening in their networks with their data. A major issue with relying on cloud storage services is the fact that the sole responsibility for securing corporate, financial and any other valuable information lies with the cloud customer, not the cloud provider. As such, cloud providers are not legally or contractually obligated to ensure the safety of customer data, regardless of what their marketing and PR teams may claim.
Over the past decade, the supremacy of cloud computing has been challenged by a relative newcomer to the tech scene, blockchain technology. Intentional or not, blockchain seems to be what cloud computing was always supposed to be, a transparent and interconnected network that eliminates the need for a centralized authority. Blockchain offers a series of benefits like data integrity and immutability, high availability as well as real-time data backup which removes the need for database snapshots.
As a blockchain enabler, Modex BCDB offers companies the possibility to tap into the benefits of both technologies. This is because the Modex BCDB solution can integrate the blockchain database infrastructure in a cloud-based structure to guarantee user ownership of the data and enhance client-side authentication, while ensuring transparency and accountability.
Financial institutions are a prime target for cyber threat actors. For years, data confidentiality and availability attacks have systematically disrupted operations across the financial sphere, which has led to numerous operational bottlenecks and loss of funds. Integrity-based attacks are becoming more widespread and the potential danger of this type of attack should not be ignored by the financial industry. Modex BCDB combines traditional data storage mechanisms with blockchain to create a technological layer that seamlessly integrates with existing IT infrastructures to increase their tolerance and even completely mitigate availability, confidentiality, and integrity attacks on financial service providers.