Securing Your Blockchain Servers
January 12th, 2018
I am simply amazed at all the buzz around Bitcoin, Blockchain, and cryptocurrency. When you hear a cab driver talking about it, or your local news carries a piece on how a family paid for their daughter’s wedding with Bitcoin, then you know that the hype is out of control. If you know anything about these technologies, excellent – you are ahead of the curve. Hopefully you have not realized too late that they actually have a limited place in business and need to be secured just like any other application – with some twists.
Blockchain – what is it, and how does it work?
Blockchains are not a database replacement, nor will future applications that utilize them be. They are a multi-node distributed ledger system that secures entries based on volume and verification. Natively, blockchain can only process a limited number of transactions per second and cannot store complex records or blobs – only ledger-style information that has a finite start date, like shipping information.
Historical records, pictures, complex indexes, and other large datasets are just not good for blockchain technology. This is one of the problems security teams need to understand. Think of a blockchain implementation like old-school peer-to-peer network technology from Napster or BearShare (yes, I am going there). Each node contains a database of all records, and any new entries need to propagate to all other nodes for validity. While a peer-to-peer network queries its peers for entries, each blockchain node actually contains a duplicate of all the entries its peers hold. This means tampering with one node does not invalidate the entire blockchain; it means that an entry has to be properly validated (via work in the case of bitcoins) to be accepted as a ledger entry and propagated to other nodes. This is where security comes into play.
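Because every node holds a full copy, a defender can cross-check copies to find the one that was altered. The following is an added example, not code from the original article; it assumes each entry is chained to the previous one with SHA-256, and the node names and shipping entries are constructed sample data.

```python
import hashlib
from collections import Counter


def chain_digests(entries):
    """Running digests: position i covers entry i and every entry before it."""
    digests, prev = [], b"\x00" * 32
    for entry in entries:
        prev = hashlib.sha256(prev + entry).digest()
        digests.append(prev)
    return digests


def audit_nodes(copies):
    """Return (majority head digest as hex, {node: index of first divergent entry})."""
    per_node = {name: chain_digests(entries) for name, entries in copies.items()}
    head = lambda d: d[-1] if d else b""
    majority_head, votes = Counter(head(d) for d in per_node.values()).most_common(1)[0]
    if votes <= len(copies) // 2:
        raise ValueError("no majority among node copies; no trustworthy reference")
    reference = next(d for d in per_node.values() if head(d) == majority_head)
    suspects = {}
    for name, digests in per_node.items():
        if digests == reference:
            continue
        # First position where this node's history departs from the majority's;
        # if one copy is merely shorter, report the index where it stops.
        suspects[name] = next(
            (i for i, (a, b) in enumerate(zip(digests, reference)) if a != b),
            min(len(digests), len(reference)),
        )
    return majority_head.hex(), suspects


# Constructed sample: three node copies, one with a rewritten second entry.
LEDGER = [b"ship:001 departed", b"ship:001 customs", b"ship:001 delivered"]
COPIES = {
    "node-a": list(LEDGER),
    "node-b": list(LEDGER),
    "node-c": [LEDGER[0], b"ship:001 rerouted", LEDGER[2]],
}

if __name__ == "__main__":
    print(audit_nodes(COPIES))
```

The audit only detects divergence after the fact; it does nothing about an invalid entry that was accepted and propagated to every node.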
Entries into the blockchain ledger need to be validated for fraudulent activity, and more importantly, the hosts containing blockchain implementations need to be secured against vulnerabilities and privileged attacks that could compromise or tamper with blockchain insertions. There is no concept of blockchain ledger modifications. This is key to protecting the integrity of the data. Once an entry is accepted, it is permanent. Therefore, if you can attack the server, application, and ledger processes, you can tamper with the blockchain. This is how some of the recent cryptocurrency attacks have been occurring.
Blockchain implementations are only as secure as the applications that use them. Poor security controls for inserting data in the ledger will lead to tampering. In the case of bitcoins, beyond a 51% ownership of all bitcoin servers, the servers themselves validate mining via work. These are mathematical computations that prove an entry should be made and ownership of a bitcoin.
The actual allocation of bitcoins is a more complex topic out of scope for this discussion. In either case, since they are distributed and verified by other servers, tampering is very difficult, if not near impossible, before an entry is made. Other cryptocurrency and blockchain implementations are nowhere near as secure.
This is a critical lesson: Blockchain is a foundational tool for bitcoins and leverages other models to stay secure. Blockchain alone is not secure. It is just a distributed database ledger.
Securing Blockchain Implementations
So how do we secure blockchain implementations? We first start with basic cybersecurity hygiene:
- Privileged access management to ensure all privileged access to the host is monitored and properly delegated
- Vulnerability management to secure the host and applications from tampering that could lead to inappropriate read or write blockchain ledger entries
- Patch management for prompt remediation, mitigation, or hardening to minimize risks
And now the twist:
- New entries into the blockchain should be secured with dynamic privileges that are valid for one-time use only. This can be done with privileged password access solutions and keys or passwords using an API. An insecure insertion path into the blockchain can lead to devastating results.
- Reads from the blockchain should be secured in a similar fashion to ensure the retrieval is not tampered with (as in a man-in-the-middle attack) before processing by the application.
Since modifications and deletions of blockchain records are not permitted, all entries must be 100% valid or the entire model (ledger) could be compromised.
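One way to make the insertion path single-use, shown as an added example that is not code from the original article or from any vendor product. The `InsertionBroker` class, its 30-second lifetime and the `append_entry` helper are hypothetical names and values chosen for illustration.

```python
import hashlib
import hmac
import secrets
import time


class InsertionBroker:
    """Hypothetical broker issuing one-time, short-lived credentials for ledger writes."""

    def __init__(self, ttl_seconds=30, clock=time.monotonic):
        self._key = secrets.token_bytes(32)  # signing secret, held only by the broker
        self._ttl = ttl_seconds
        self._clock = clock
        self._pending = {}  # nonce -> expiry time of tokens not yet redeemed

    def _mac(self, nonce: str, entry: bytes) -> bytes:
        # Binding the MAC to the entry digest makes the token useless for any other write.
        msg = nonce.encode() + b":" + hashlib.sha256(entry).digest()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest().encode()

    def issue(self, entry: bytes) -> str:
        """Return a token that authorizes exactly one insertion of `entry`."""
        nonce = secrets.token_hex(16)
        self._pending[nonce] = self._clock() + self._ttl
        return nonce + "." + self._mac(nonce, entry).decode()

    def redeem(self, token: str, entry: bytes) -> bool:
        """True only for an authentic, unexpired, never-used token bound to `entry`."""
        nonce, _, mac = token.partition(".")
        if not hmac.compare_digest(mac.encode(), self._mac(nonce, entry)):
            return False  # forged token or altered entry; a valid token is not consumed
        expiry = self._pending.pop(nonce, None)  # pop so a replay finds nothing
        return expiry is not None and self._clock() <= expiry


def append_entry(ledger: list, broker: InsertionBroker, token: str, entry: bytes) -> bool:
    """Append to the ledger only when the broker accepts the token; entries are never edited."""
    if not broker.redeem(token, entry):
        return False
    ledger.append(entry)
    return True
```

Because an accepted entry cannot be corrected later, every check runs before `ledger.append`, and a rejected write leaves the ledger unchanged.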
Think of blockchains as just another application for data storage. It has limited data storage capabilities, is not very fast, but is designed to be highly distributed and 100% reliable. If your application or host can be tampered with, so can your blockchain. The goal is to secure both during their design and implementation so this can never occur.
For more information on how BeyondTrust’s solutions can help secure blockchain transactions at that application programming interface level, contact us today.