The enterprise sphere is a constantly evolving landscape that actively seeks to integrate new technologies to improve their internal business flow, enhance operations and increase productivity. The core of this multifaceted structure is built around data of all shapes and sizes. As such, data storage, manipulation, and transmission have become an integral component in the operational flow of every company, regardless of the business logic involved. From a global perspective, companies, enterprises, and industries have come to rely extensively on technological frameworks to gain a competitive edge and offer the best services available.
This dependency on a technology infrastructure and the internet as a medium for propagating data across various channels has led to the creation of new business models that unlock new revenue streams for the organizations involved. But new opportunities are accompanied by new challenges, and in this context, cybercrime activities have emerged as a burgeoning underworld industry that seeks to exploit new gaps and opportunities present in enterprise frameworks. This phenomenon has become so prevalent that Ginni Rometty, Chairman, President, and CEO of IBM, has declared that “cybercrime, by definition, is the greatest threat to every profession, every industry, every company in the world.”
The evolving cybercrime spectrum
According to Gartner, worldwide spending on cybersecurity is forecasted to reach USD 133.7 billion in 2022. This is because companies and cyber attackers are engaged in an ongoing race to outwit each other. Cyber-attacks are becoming more structured and organized, increasing in complexity and approach, as more sophisticated versions of malware emerge on the market. The main goal of these malicious actors is to steal, compromise or hijack valuable data, ranging from intellectual property and personally identifiable information to financial data and health records, through various methods and strategies. Their modus operandi varies depending on the scope of the attack, which can range from ransomware techniques used to monetize data access to complete disruption of business operations through Distributed Denial of Service attacks.
For over a decade, blockchain has been a hot topic in the tech community for its ability to create a highly secure data ecosystem, capable of strengthening existing systems by closing a series of proverbial back doors that can be exploited by malicious actors. Commenting on the potential of the technology, Ed Powers, Deloitte’s U.S. Cyber Risk Lead, stated that “while still nascent, there is promising innovation in blockchain towards helping enterprises tackle immutable Cyber Risk challenges such as digital identities and maintaining data integrity.”
As a type of Distributed Ledger Technology, blockchain is by design highly resistant to external tampering, making it a viable extension to existing cybersecurity mechanisms. Initially conceived as a supporting framework for cryptocurrencies, blockchain can prevent fraudulent practices through inbuilt consensus mechanisms, anti-tampering architecture, transparency, and auditability.
What is cybersecurity?
Cybersecurity, also known as information technology security or electronic information security, is the practice of defending computers, networks, servers, mobile devices, and electronic systems from malicious actors that try to gain access to sensitive data for various nefarious purposes.
The concept of cybersecurity is often used as an umbrella term to describe a wide range of security practices across the technological spectrum:
- Network security – a suite of practices and strategies focused on protecting computer networks and data traffic from targeted attacks or opportunistic malware;
- Application security – the protection of software and devices from malware infection, or external tampering. Antivirus and anti-malware software are used to regularly scan user/employee devices for malicious software. The problem is that a large segment of hackers are proficient in bypassing this type of software;
- Cloud security – the protection of data and applications that reside on a cloud infrastructure;
- Information security – ensuring data integrity and privacy, both at rest and in transit;
- Operational security – a set of strategies and processes designed to protect data assets. Authentication services are used to limit and track employee access to protect internal system data from malicious actors;
- Encryption – a layer of security that protects data by transforming it into ciphertext;
- Disaster recovery and business continuity – a set of strategies and policies that dictate how an organization should react in case of a cyber-attack. To keep the workflow intact, companies formulate a series of fail-safe mechanisms that help isolate a compromised business segment, usually by relying on a backup system;
- Employee/end-user education – not every cybersecurity measure is technical in nature. People are often the main source of accidental data breaches and leaks. As such, a set of guides and principles at the workplace are instrumental in ensuring the security of company systems and data.
Common types of cybersecurity threats:
- Malware – one of the most prolific types of cyber threats; it is malicious software created by cybercriminals that aims to gain unauthorized access to a system or disrupt a company’s business flow. Depending on its end goal and method of spreading, malware branches into different categories:
  - computer virus – a self-replicating program that spreads throughout a computer system by infecting multiple files;
  - trojans – a type of malware that disguises itself as legitimate software to trick users. Once inside a system, trojans usually collect data and transmit it to a malicious third party;
  - spyware – software that hides within a computer system to collect user activity and sensitive data;
  - ransomware – a type of malicious software that prevents users from accessing their system or personal files and demands a ransom payment in order to regain access. Like many types of malware, ransomware propagates through malicious email attachments, infected software apps, infected external storage devices, and compromised websites. There have also been cases where attackers used remote desktop protocol and other approaches that do not rely on any form of user interaction;
  - adware – advertising software that is purposely designed to spread malware;
  - botnets – computers that are hijacked by cybercriminals to perform tasks online without a user’s permission. The computational power of multiple compromised computers can be used by hackers to launch large scale attacks on other systems;
- Phishing – the practice of sending fraudulent emails that resemble emails from reputable sources like a financial institution in an attempt to steal sensitive data and credentials
- Man in the middle attack – a type of attack in which cybercriminals intercept the communication between two parties in an attempt to extract sensitive information and steal data in transit. Modex BCDB negates this type of attack by utilizing asymmetric encryption to secure communication channels and messages. Without the proper keys, it is impossible to decode the message.
- Distributed Denial of Service – cybercriminals pool their resources together to flood the network and servers of a company with excessive traffic to render their system unusable for a period of time
- SQL injection – a type of attack that aims to take control of or steal data from a database system. Cybercriminals exploit the vulnerabilities of applications by targeting the database component, injecting malicious SQL code. In the Modex BCDB environment, if a hacker attempts to perform an SQL injection, the system will automatically reject any changes made to the database. This is because data records have a hash reference stored on the blockchain network. If any unauthorized changes occur, the system performs an integrity check and rolls back to the previous version. As an added layer of security, users are required to use their credentials to log in to the Modex API interface to make changes at the database level;
- Social engineering – often overlapping with phishing, it is a tactic through which individuals attempt to psychologically manipulate and coerce targets to obtain confidential information and credentials. Often this type of approach is used in conjunction with other types of attacks.
In a society where data has become the cornerstone that supports and fuels business interactions, data protection has cemented itself as a critical component that safeguards the interests of companies that operate and process large amounts of data. As the data pool of a company expands in size and scope, the challenges faced by Chief Information Security Officers also multiply. Success in a business venture is quantified by the growth of a company’s system. The problem is that larger systems are more complex and difficult to manage, presenting numerous entry points that can be exploited.
Data breaches have existed long before the digitalization of the business and enterprise environment. But since companies have migrated towards digital storage mediums, they have come to rely heavily on internet-connected devices, which generated an increase in the number of exploitable access points that lead to data breach occurrences. As such, data breach prevention strategies have become an integral element in an organization’s ability to manage and protect sensitive data.
The data breach phenomenon has become rampant in the enterprise sector. According to Risk Based Security, a global leader in vulnerability intelligence, breach data, and risk ratings, in the first nine months of 2019, 5,183 data breaches were reported, with an estimated 7.9 billion records exposed. Compared to mid-2018, the total number of data breaches has gone up by 33.3%, and the total number of records exposed more than doubled, up 112%.
A data security breach is an intentional or unintentional security violation where sensitive data is accessed, copied and transmitted to an unauthorized external party who may use it for their benefit. The type of data targeted by attackers ranges from financial information like credit card or bank details, social security number, personally identifiable information, health records, corporate trade secrets as well as any type of intellectual property.
Data breach causes:
- external attacks – a cybercriminal can exploit a vulnerability in a system to get hold of a company’s database;
- spyware – malicious software that infects a system to extract sensitive data;
- phishing – a type of attack in which malicious actors steal the credentials of an employee and impersonate them to get access to company secrets and other private information;
- faulty or misconfigured access control mechanisms;
- an employee who leaks sensitive data by mistake or to harm the company.
The problem with data breaches is that there are no security products that can fully protect a company from them, but their impact can be lessened through a series of preventive measures and internal company policies:
- implement a nondisclosure policy to protect confidential information
- conduct regular vulnerability and penetration testing
- encrypt data
- segment data to slow down attackers in case of a breach
- enforce the principle of least privilege – give employees minimum permissions and administrative rights to perform their job functions
- formulate an incident response plan – a comprehensive list of procedures and rules to be implemented when a data security breach occurs to diminish its impact.
Where Modex steps in
Modex BCDB is a middleware software solution that can be used to supplement established data breach and data loss prevention mechanisms. By connecting an existing software application to a blockchain backend, Modex BCDB can ensure confidentiality, integrity, and availability of databases. Through Modex BCDB companies can move from a centralized model to a decentralized, distributed model, secured by complex encryption and hashing algorithms. In addition, the Modex solution comes with inbuilt customizable data access mechanisms and a separate blockchain authorization network that stores user credentials and passwords, to create an ecosystem inherently resistant to data loss.
Blockchain in Cybersecurity
Blockchain is a digital, distributed and decentralized ledger of transactions which stores transaction data in structures called blocks. Each block contains transaction data and metadata (a set of data that provides information about the respective block). The advantage of this structure is that each block is constructed upon the previous block, in a chain-like structure (hence the name blockchain), by calculating the hash of the previous block and combining it with the hash of the second block of transactions. This complex design is what gives the data introduced in the blockchain its immutability and integrity. If a malicious actor attempts to alter the data from a block, every change will be immediately noticed by the system and every other network participant, because it will render all the following blocks invalid.
These design choices make blockchain ideal for data storage because it is an append-only structure, which means that data can only be introduced into the system; it can never be completely deleted. Any changes made are stored further down the chain, but an admin can always see when the changes occurred, who made them, and the previous version of the data.
Safer Domain Name Systems (DNS)
The domain name system (DNS) is a naming database where internet domain names are located and translated into internet protocol (IP) addresses. The domain name system maps the name people use to locate a website to the IP address that a computer uses to locate a website. The problem is that DNS is generally centralized, which means that hackers need to concentrate their efforts into a single place to break into the connection between website name and IP address to disrupt operations and compromise data. A DNS attack paired together with a DDoS attack can put a business in stasis for an extended period of time.
Decentralization and distribution are core features that further increase blockchain’s tolerance to attacks. Decentralization means that the network does not rely on a central server to host all the data, but distributes it across all network participants, also known as nodes. There are many types of nodes in a blockchain network; full nodes, for example, store a copy of the entire blockchain. As a result, the entire system doesn’t have a single point of failure. If a node is compromised, admins just have to address the vulnerability which allowed the malicious user to access the network and restore the node to its previous version, or they can simply cut out the node from the network.
In case of encryption by ransomware, the attacker would find it impossible to hold all the data hostage, because the entire network is distributed among thousands of users (even more depending on the size of the blockchain), and even if they manage to encrypt a node, admins close the backdoor through which the attacker entered and restore the node to its previous version.
Modex’s BCDB software can help companies to distribute domain information across multiple nodes. As in traditional blockchain implementations, each node contains a partial copy of the database, or in the case of full nodes, an exact replica of the database. A standard application makes use of an API to write new entries in a database. The API is a type of URL where information is introduced. Modex BCDB embeds a URL to each node. To remove reliance on a single node, users can have a list of URLs that can be switched. This is a useful feature because if a node is compromised, users can switch to another node that contains all the information and continue to write data through its URL as if nothing has happened. This is how Modex BCDB achieves decentralization, a valuable characteristic that removes the dangers posed by centralization and exploitable single points of failure.
Enhanced traceability and data auditability
In a traditional database system, users can perform the standard CRUD operations (create, read, update, delete), four basic functions of persistent storage that constitute the backbone for interacting with any database. Both relational and non-relational database systems are designed to rely on the CRUD operations to enable basic interactivity. The problem with this approach is that database administrators or users with sufficient clearance can access and modify data entries. The same access is available to malicious actors who manage to exploit security vulnerabilities and gain access to the database, which can lead to numerous problems such as data breaches, corruption and even complete loss of data.
Modex BCDB enables companies to strengthen their database security and enhance audit and reporting operations by facilitating information traceability and record history. Blockchain differs from traditional databases because it is an append-only structure, which means that delete and update operations cannot be performed on existing data. As such, clients can configure the Modex BCDB system to store all the previous versions of the information in a separate table to simplify reporting and audit operations. By default, the database will display the latest version of the information, but by accessing the record history, users can interact with older versions of the data and perform various operations including integrity checks and data analysis.
Due to blockchain’s design, data traceability is available without configuring record history. This is because each data insert in a database has its hash stored in the blockchain network. Even a small modification to an input can drastically change the hash of the information. By comparing the two hashes, an admin can easily determine that the information has been tampered with. But because it is impossible to determine the initial input from the hash digest, they will not know exactly how the information was modified in the database.
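The block chaining and record-hash comparison described above, as an added Python illustration; it is not Modex BCDB code or its API. The class names (`Ledger`, `AnchoredTable`), the block fields and the sample rows are constructed for this sketch.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed placeholder: "previous hash" of the first block

def digest(obj) -> str:
    """SHA-256 over canonical JSON, so key order cannot change the hash."""
    data = json.dumps(obj, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(data.encode()).hexdigest()

class Ledger:
    """Append-only list of blocks; each block commits to its predecessor's hash."""
    def __init__(self):
        self.blocks = []

    def append(self, record_id, record_hash, author):
        prev = self.blocks[-1]["block_hash"] if self.blocks else GENESIS
        body = {"index": len(self.blocks), "prev_hash": prev, "author": author,
                "record_id": record_id, "record_hash": record_hash}
        self.blocks.append({**body, "block_hash": digest(body)})

    def first_invalid_block(self):
        """Index of the first block that fails verification, or None if intact."""
        prev = GENESIS
        for i, block in enumerate(self.blocks):
            body = {k: v for k, v in block.items() if k != "block_hash"}
            if (block["index"] != i or block["prev_hash"] != prev
                    or digest(body) != block["block_hash"]):
                return i
            prev = block["block_hash"]
        return None

    def latest_hash(self, record_id):
        for block in reversed(self.blocks):
            if block["record_id"] == record_id:
                return block["record_hash"]
        return None

class AnchoredTable:
    """Ordinary table (a dict here) whose write path anchors each row's hash."""
    def __init__(self):
        self.rows = {}
        self.ledger = Ledger()

    def write(self, record_id, row, author):
        self.rows[record_id] = dict(row)
        self.ledger.append(record_id, digest(row), author)

    def tampered_records(self):
        """IDs whose current row no longer matches the latest anchored hash."""
        return sorted(rid for rid, row in self.rows.items()
                      if digest(row) != self.ledger.latest_hash(rid))

def demo():
    table = AnchoredTable()  # rows below are constructed sample data
    table.write("acct-1", {"owner": "alice", "balance": 100}, "api-user-1")
    table.write("acct-2", {"owner": "bob", "balance": 50}, "api-user-1")
    table.write("acct-1", {"owner": "alice", "balance": 80}, "api-user-2")
    clean = (table.ledger.first_invalid_block(), table.tampered_records())

    # Row edited directly in the table, bypassing write(): hash mismatch.
    table.rows["acct-2"]["balance"] = 5000
    row_check = table.tampered_records()

    # Block 1 rewritten to match the edited row and re-hashed: block 2 still
    # commits to the old block 1 hash, so chain verification fails at block 2.
    forged = table.ledger.blocks[1]
    forged["record_hash"] = digest(table.rows["acct-2"])
    forged["block_hash"] = digest({k: v for k, v in forged.items() if k != "block_hash"})
    return clean, row_check, table.ledger.first_invalid_block()

if __name__ == "__main__":
    print(demo())
```

The sketch covers only the hash linkage on a single machine; replication across nodes and consensus, which prevent an attacker from simply re-hashing every later block, are not modeled.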
Each year, companies spend billions of dollars on cybersecurity solutions to secure their data from external tampering. Besides cybersecurity measures, companies and enterprises rely on third-party auditing firms to guarantee that data is correct and resolve any eventual disputes. Although an efficient line of defense, auditing firms charge a significant fee for their services, but more importantly there is the question of who verifies the auditor. In the end, companies are still required to place their trust in an external party to whom they must give access to their data.
Blockchain provides a viable alternative to this model. By combining cryptography with hashing algorithms, blockchain ensures data immutability, a feature that brings unprecedented levels of trust to the data owned by enterprises. In turn, immutability provides data integrity which drastically simplifies audit processes, while providing proof to stakeholders that the information has not been altered.
In an enterprise context, data immutability significantly reduces overhead, streamlines operations and unlocks new value:
- Data integrity is assured by blockchain’s architecture and data storing mechanism. Once data has been introduced in a blockchain network, it cannot be altered without compromising the entire data chain. Any data discrepancies are automatically detected by the system, which allows companies to pinpoint in real-time any tampering attempts.
- Streamlined auditing – as an append-only structure, blockchain provides an indisputable record history of all the data that has been introduced in the network.
- Enhanced efficiency – data immutability enables information traceability and record history which can unlock new business momentum and new opportunities in analytics
- Ideal settlement ecosystem – data traceability, immutability, integrity, and a complete record history can reduce costly business-related disputes from months and even years, to a couple of days
Complex data encryption mechanisms
Ensuring data security has become a primary concern for companies and enterprises, regardless of their business profile and sphere of activity. The most common method to ensure data protection is through encryption, a process through which information is transformed into ciphertext, an unintelligible block of text that can be decrypted only with the correct encryption key. For decades, data encryption has been an important line of defense in cybersecurity architecture because even if data is intercepted by malicious actors, a complex encryption algorithm can block attackers from deciphering the content of the information.
Although encryption is an invaluable tool, how it is applied to protect information usually determines the level of data tamper resistance. The problem is that encryption is mostly used to protect data at rest or in transit, leaving it potentially vulnerable during processing. As encryption mechanisms have evolved, the range of attacks on data has also expanded, from attacks focused on encryption keys and integrity or corruption attacks to ransomware and data destruction attacks.
Modex BCDB enables companies to tap into the potential of blockchain technology to store their database entries into a secure tamper-proof blockchain ecosystem.
The infrastructure of the BCDB system was designed with security in mind. As such, to supplement the security capabilities of a standard blockchain network, Modex BCDB comes with a default data encryption mechanism that removes the need for programmers to write new code to encrypt the data. To enhance user experience and add a layer of flexibility to the BCDB environment, users have the option to enable automatic encryption at the field level. As such, any new data inserts are automatically stored in an encrypted format.
About Modex BCDB
Modex Blockchain Database (BCDB) was designed to help people without a background in tech access the benefits of blockchain technology and remove the dangers posed by the loss of sensitive data.
Currently, the majority of blockchain solutions present on the market are oriented towards blockchain as a service, limiting themselves to a rigid view and application of the technology. A company or the CTO of a company can come to the realization, after a bit of study that their business can solve several issues and streamline back-end processes by implementing blockchain. The problem is that for a company to implement blockchain technology only through its own tech team, they need to invest a significant amount of time and resources to study what type of blockchain is most suited for their needs, and commence a lengthy process of learning the development specificity of the respective blockchain, as well as scouting for developers proficient in the technology.
Modex BCDB is a new take on blockchain technology which removes the need to invest resources in blockchain training and facilitates fast adoption of the technology in businesses. The solution proposed by Modex is a middleware that fuses a blockchain with a database to create a structure that is easy to use and understand by developers with no prior knowledge in blockchain development. As a result, any developer who knows how to work with a database system can operate with our solution, without needing to change their programming style or learn blockchain.
Through our blockchain component Modex BCDB can transform with minimal changes any type of database into a decentralized database that holds the same valuable characteristics inherent to blockchain technology: transparency, increased security, data immutability, and integrity.
Every enterprise is reserved and unwilling to make changes to its database, and for good reason, as data loss or data corruption constitute major risks. Modex BCDB doesn’t work by deleting the existing database or data entries. The database is maintained intact throughout the process, and data integrity is ensured by calculating the metadata of the records and storing it on the blockchain.
Moreover, the system does not restrict access to the blockchain or the database, so when a developer needs to do reporting or ETL transformations, they can always perform warehouse analytics by accessing the database directly. This is because Modex BCDB has been purposely designed to be agnostic. With our solution, clients can set up a network, regardless of the type of database employed. In a consortium, each company can keep the type of database it prefers (Oracle, Microsoft, IBM, MongoDB, Elasticsearch) and connect them through a blockchain-powered network to ensure cohesion and availability while protecting corporate interests.