Hands-On Cybersecurity with Blockchain

By: Rajneesh Gupta

Overview of this book

Blockchain technology is being welcomed as one of the most revolutionary and impactful innovations of today. Blockchain technology was first identified in the world’s most popular digital currency, Bitcoin, but has now changed the outlook of several organizations and empowered them to use it even for storage and transfer of value. This book will start by introducing you to the common cyberthreat landscape and common attacks such as malware, phishing, insider threats, and DDoS. The next set of chapters will help you to understand the workings of Blockchain technology, Ethereum and Hyperledger architecture and how they fit into the cybersecurity ecosystem. These chapters will also help you to write your first distributed application on Ethereum Blockchain and the Hyperledger Fabric framework. Later, you will learn about the security triad and its adaptation with Blockchain. The last set of chapters will take you through the core concepts of cybersecurity, such as DDoS protection, PKI-based identity, 2FA, and DNS security. You will learn how Blockchain plays a crucial role in transforming cybersecurity solutions. Toward the end of the book, you will also encounter some real-world deployment examples of Blockchain in security cases, and also understand the short-term challenges and future of cybersecurity with Blockchain.

Defender perspectives


After understanding the emerging threat landscape and some of the most effective cyberattacks, it is important to work on our own defense. These threat groups have everything they need to discover an organization's assets and then find the vulnerabilities to build their weapons accordingly. This is a huge concern for organizations that have failed to adapt, sometimes for decades, but let's accept the fact that a good number of bodies have been brilliant in achieving cyber hygiene and better cyber defense ecosystems. Let's focus on some of these bodies, including governments and businesses.

Governments

Government electronic systems have been targeted by foreign security agencies to gather intelligence. With the growing use of interconnected technology, government systems also face the challenge of growing attack surfaces. It is important that government authorities become better at protecting their critical assets.

The United States (US)

US President Donald Trump signed an executive order on May 11, 2017 that covers strengthening the cybersecurity of the federal network, emphasizing accountability, an adaptation of the framework to improve its critical infrastructure, and modernizing existing cybersecurity systems. The DoD has also presented its own strategy on strengthening cyber defense and cyber deterrence postures, and this includes three primary cyber missions, as shown in the following screenshot:

Cyber mission force plan to form 133 teams by 2018

To understand more about the DoD's strategy on strengthening its cyber defense and cyber deterrence posture, follow the link at https://www.defense.gov/News/Special-Reports/0415_Cyber-Strategy/.

The United Kingdom (UK)

With the National Cyber Security Strategy (NCSS) 2016-2021, the United Kingdom's government has planned to make its country secure and resilient. This vision is summarized in the following three objectives:

  • To defend cyberspace: To ensure that UK networks, data, and systems are protected and resilient, and that UK citizens, corporations, and public institutions have enough expertise and the ability to defend themselves.
  • To deter adversaries: To detect, understand, investigate, and disrupt cyber threats against the UK.
  • To develop its capabilities: To build a self-sustaining pool of talent that provides the necessary skills to help UK nationals across public and private sectors.

To get an insight into the UK NCSS program, follow the link at https://www.gov.uk/government/publications/national-cyber-security-strategy-2016-to-2021.

Europe

The European Union Agency for Network and Information Security (ENISA) serves as a center of expertise and excellence for both member states and EU institutions related to network and information security. There are some major notable initiatives, such as the Annual Privacy Forum (APF), ENISA Threat Landscape (ETL), and Cyber Europe—a pan-European exercise to protect the EU against coordinated cyberattacks.

In 2018, the General Data Protection Regulation (GDPR) will replace the Data Protection Directive 95/46/EC, with changes in the following areas: increased territorial scope, penalties, consent, breach notification, right to access, right to be forgotten, data portability, privacy by design, and data protection officers. To get an insight into each vertical of GDPR, visit the link at https://www.eugdpr.org/key-changes.html.

India

In February 2017, the Indian government's Computer Emergency Response Team (CERT-In) launched Cyber Swachhta Kendra, a Botnet Cleaning and Malware Analysis Center to create a secure Indian cyberspace through detecting and cleaning bots in user endpoints. To know more about India's initiative on the bot cleaning program and how other bodies are helping the government to achieve this goal, visit the link at http://www.cyberswachhtakendra.gov.in/.

Corporate

With the rapid adoption of mobility, cloud, and IoT, businesses are becoming ever more exposed to potential threats. In fact, some of the most popular trends, such as Bring Your Own Device (BYOD), make the probability and severity of insider threats even higher. Even millions of dollars spent on preventative security never give complete assurance, and this has made organizations explore various emerging security defense technologies to detect and combat advanced threats that succeed in bypassing existing security systems. In many multinational organizations, the Chief Information Security Officer (CISO) has to wear multiple hats at a time. In 2018, every CISO will be making some critical decisions regarding their organization's security.

Some of the emerging security defenses are mentioned here.

Endpoint detection and response (EDR)

EDR is a solution designed to detect and remove malicious activities from a network. EDR solutions will typically include the following four capabilities:

  • Detecting threats with the continuous monitoring of endpoints
  • Collecting and investigating logs and comparing and correlating them with historical events from each endpoint's activity
  • Responding to dangerous attempts by resources and removing those resources from the network
  • Killing unauthorized processes to put the endpoint in a normal state

Deception technology

Deception has been used from ancient militaries through to the world wars, and is now being used in cyberspace. In a nutshell, this is a technology that allows attackers to penetrate a decoy target system. With deception, enterprises can detect attackers and gather insights into their behavior and artifacts, which will then help improve their defense. This can be extended across multiple levels of the stack, including network devices, endpoints, and applications.

Cyber threat intelligence (CTI)

CTI is a way of analyzing the capability of adversaries. In cyberspace, it is often delivered in the form of indicators of compromise (IOCs), which include malicious IP addresses, domain names, hashes, and so on. It is critical for organizations to understand their assets, people, and each connected third party so that they can prepare their own threat intelligence and plan to strengthen their defense.
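
To show how the three IOC types named above are used in practice, here is an added example (not code from the book) that sweeps log lines for IP, domain, and hash indicators. The feed, the log format, and the names `IOCS`, `SAMPLE_LOGS`, `match_line`, and `sweep` are all assumptions constructed for illustration.

```python
import ipaddress
import re

# Constructed IOC feed: documentation IP ranges, reserved .example names, a made-up hash.
IOCS = {
    "ip": ["203.0.113.0/28", "198.51.100.77"],
    "domain": ["bad-cdn.example"],
    "sha256": ["A" * 64],
}
# Constructed proxy, DNS and process-creation log lines (not from any real system).
SAMPLE_LOGS = [
    "2018-03-01T10:00:01Z host=ws-01 proxy dst=203.0.113.9 url=http://files.bad-cdn.example/a.bin",
    "2018-03-01T10:00:05Z host=ws-02 dns query=notbad-cdn.example answer=192.0.2.10",
    "2018-03-01T10:01:12Z host=ws-03 proc image=C:\\Temp\\u.exe sha256=" + "a" * 64,
    "2018-03-01T10:02:00Z host=ws-02 proxy dst=198.51.100.78 url=http://intranet.example/",
]
IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
HOST_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I)
HASH_RE = re.compile(r"\b[0-9a-f]{64}\b", re.I)

def match_line(line, iocs=IOCS):
    """Return a sorted list of (ioc_type, indicator, observed_value) hits for one line."""
    hits = set()
    nets = [ipaddress.ip_network(n) for n in iocs["ip"]]  # single IPs become /32 networks
    for raw in IP_RE.findall(line):
        try:
            addr = ipaddress.ip_address(raw)
        except ValueError:
            continue  # looks like an IP but is not one, e.g. 999.1.1.1
        hits.update(("ip", str(n), raw) for n in nets if addr in n)
    for host in HOST_RE.findall(line):
        h = host.lower()
        # Match the listed domain or its subdomains, never a bare string suffix.
        hits.update(("domain", d, h) for d in iocs["domain"] if h == d or h.endswith("." + d))
    for digest in HASH_RE.findall(line):
        g = digest.lower()  # feeds and logs often differ in hex case
        hits.update(("sha256", d.lower(), g) for d in iocs["sha256"] if d.lower() == g)
    return sorted(hits)

def sweep(lines, iocs=IOCS):
    """Map endpoint name -> list of hits for every line with at least one match."""
    out = {}
    for line in lines:
        hits = match_line(line, iocs)
        if hits:
            m = re.search(r"host=(\S+)", line)
            out.setdefault(m.group(1) if m else "unknown", []).extend(hits)
    return out
```

Calling `sweep(SAMPLE_LOGS)` flags `ws-01` and `ws-03` only: the look-alike domain `notbad-cdn.example` and the neighbouring address `198.51.100.78` do not match, which is the precision a plain substring search over the same feed would lose.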