IT disaster recovery, cloud computing and information security news

An article published by World Economic Forum says that while ‘blockchain will be key to embracing the Fourth Industrial Revolution’, organizations must be wary of associated cyber threats.

The article, ‘Is blockchain really secure? Here are four pressing cyber threats you must consider’ discusses the following ‘four major cyber threats that need to be considered with regards to blockchain’:

Consensus protocol threats

Blockchains use consensus protocols to reach agreement among participants when adding a new block. Since there is no central authority, consensus protocol vulnerabilities threaten to control a blockchain network and dictate its consensus decisions from various attack vectors. Consequently, the consensus protocol must be evaluated and tested properly to ensure it always reaches an expected resolution.

Breach of privacy and confidentiality

The second threat is related to the exposure of sensitive and private data. Blockchains are transparent by design, and participants may share data that attackers can use to infer confidential or sensitive information.

As a result, organizations must carefully evaluate their blockchain usage to ensure that only permitted data is shared without exposing any private or sensitive information.

Compromising of private keys

The third threat is the compromising of private keys that blockchains use to identify and authenticate participants.

Attackers may compromise private keys to control participants’ accounts and associated assets by using classical information technology methods, such as phishing and dictionary attacks, or by exploiting vulnerabilities in blockchain clients’ software.

Smart contract defects

The fourth threat is that of smart contract defects that adversaries may exploit to launch attacks.

Smart contracts must be evaluated and appropriately tested to resolve possible defects and adhere to business and legal requirements.

To improve blockchain security various actions are highlighted:

  • Provide education and training and adopt industry best practices.
  • Implement sensible regulations of blockchain and expand them globally to increase adoption and build trust of the technology.
  • Define security objectives that align with current business continuity, crisis management and security policies. The evaluated blockchain solution must be configured to meet these objectives.
  • Perform a risk assessment to discover potential threats and existing vulnerabilities. This assessment may be conducted following the same framework used by organizations for other information technology deployments.
  • Create security controls and associated governance protocols to reduce the identified risks. If software development is required, organizations must develop the requirements following secure development practices, such as the secure software development life cycle (S-SDLC) methodology.
  • Continuously monitor and audit security in response to new threats and incidents.

Read the article.


Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.