Can Blockchain Solve Identity Fraud? – Forbes Tech #CyberSecurity

By Bojan Simic, Forbes Councils      May 31, 2018

A crypto-craze fueled by digital currency volatility is bringing blockchain technology, the digital ledger system that underlies such currencies, into the spotlight. At the same time, recent calls to take back ownership of personal identity are making blockchain’s decentralized nature more appealing. As demonstrated by consumer data breaches — including those affecting OrbitzSaks Fifth Avenue and more recently, Delta Airlines — our personal information is highly susceptible to fraud when stored in centralized databases. As an increasing amount of the world’s banking and commerce moves online, the temptation for mischief and theft has increased as well. However, blockchain may hold the key to keeping identities safe through its core feature of decentralization.

Identity Data Risks Are Growing

Blockchain could act as the foundation of the root identity question “Who Am I?” as opposed to the authentication query “Am I Who I Say I Am?” These systems can securely store and make readily available all kinds of information, including sensitive data like our financial history and health records. As consumers, our need to present this data at the time of service, or the point of sale or care, has risen with service providers’ increased online presence.

More at: Can Blockchain Solve Identity Fraud? – Forbes Tech #CyberSecurity

Security Researchers Discover Multiple Epic Vulnerabilities in EOS Blockchain – NewsBTC

By Martin Young      May 29, 2018

Chinese internet and cyber security research firm 360 reported a series of high risk vulnerabilities in the EOS blockchain platform a couple of hours ago. According to China’s version of Twitter, Weibo, some of these vulnerabilities can remotely execute arbitrary code on the EOS node, meaning that remote attacks can directly control and take over all nodes running on EOS.

The Weibo post went on to state;

“On the early morning of the 29th, 360 first reported the vulnerability to EOS officials and helped them repair the security risks. The person in charge of the EOS network said that the EOS network will not be officially launched until these issues are fixed.”

More at: Security Researchers Discover Multiple Epic Vulnerabilities in EOS Blockchain – NewsBTC

US Congressman Describes Blockchain As ‘World-Changing’ – [blokt]

By Ian Lee      May 10, 2018

On May 8, 2018, the Subcommittee on Oversight and the Subcommittee on Research and Technology invited four witnesses, two from the public sector and two from the private sector to discuss blockchain applications. The hearing, titled “Leveraging Blockchain Technology to Improve Supply Chain Management and Combat Counterfeit Goods” can be viewed in its entirety on YouTube.

Although mostly serving as an educational forum to allow various members to express their views on the applications of blockchain technology, it was a pleasant surprise how positive several politicians and government officials were on blockchain.

Notably, Republican Congressman Barry Loudermilk expressed happiness that this topic was finally being discussed at the government level, describing himself as feeling like “a little voice in the wilderness on blockchain” and also stating that “it could be a solution to a lot of our cybersecurity and data protection issues.”

More at: US Congressman Describes Blockchain As ‘World-Changing’ – [blokt]

This mind-bending quantum blockchain could be the future of secure transactions – Science Alert

By Mike McRae      April 26, 2018

Blockchain technology has taken the world by storm in recent years as a way to anonymously record transactions between individuals. As safe is it is currently, it’s only a matter of time before somebody finds a way to tap into those coded messages.

While quantum computing potentially opens the way to some serious safe-cracking power for hackers, the delicate nature of entanglement might also provide the solution to keeping data secure – by reaching into the past and erasing its own history.

A pair of researchers from Victoria University of Wellington in New Zealand have developed their own concept for a quantum blockchain that would theoretically prevent anybody from unknowingly fiddling with your electronic ledgers.

More at: This mind-bending quantum blockchain could be the future of secure transactions – Science Alert

Analyst sees blockchain as the future of infosec on social media – Crypto News Review

By John Moore      March 23, 2018

Blockchain tech could allow tracking of private data in the future.

As the shockwaves from the recent Cambridge Analytica revelations continue to rattle Facebook, RBC Capital Markets analyst Mitch Steven has pointed out how blockchain technology could help to instil peace of mind for users worried about how their data is being used.

Speaking to CNBC, Steves pointed out how the same tech that underpins cryptocurrencies – while not preventing misuse of data such as that seen in the CA case – could allow users to “100 percent track all this stuff”.

“In the future,” Steven said, “someone like yourself no longer has to give their photos to Facebook. Instead, you could just share that photo specifically with people, and then you’d be able to track it and make sure it’s not shared with someone who gets access to your information.”

More at: Analyst sees blockchain as the future of infosec on social media – Crypto News Review

Ethereum’s smart contracts are full of holes – MIT Technology Review

By Mike Orcutt      March 1, 2018

Blockchain-powered computer programs promise to revolutionize the digital economy, but new research suggests they’re far from secure.

Computer programs that run on blockchains are shaking up the financial system. But much of the hype around what are called smart contracts is just that. It’s a brand new field. Technologists are just beginning to figure out how to design them so they can be relied on not to lose people’s money, and—as a new survey of Ethereum smart contracts illustrates—security researchers are only now coming to terms with what a smart contract vulnerability even looks like.

More at: Ethereum’s smart contracts are full of holes – MIT Technology Review

Researchers Explore Eclipse Attacks on the Ethereum Blockchain – Nasdaq.com

By Amy Castor, Bitcoin Magazine      March 1, 2018

An eclipse attack is a network-level attack on a blockchain, where an attacker essentially takes control of the peer-to-peer network, obscuring a node’s view of the blockchain.

In a new paper titled ” Low-Resource Eclipse Attacks on Ethereum’s Peer-to-Peer Network ,” Sharon Goldberg, an associate professor at Boston University; Ethan Heilman, a Ph.D. candidate at Boston University; and Yuval Marcus, a researcher at the University of Pittsburgh, describe a way to carry out an eclipse attack on the Ethereum network.

(The researchers disclosed their attacks to Ethereum on January 9, 2018, and Ethereum developers have already issued a patch – Geth v1.8.1 – to fix the network.)

In speaking with Bitcoin Magazine , Goldberg explained the research, how it compares to Bitcoin eclipse attacks and why she thinks the work is important.

First, she emphasized that working with Ethereum developers to fix the vulnerability was a smooth process. “It was a very functional, easy disclosure,” she said.

More at: Researchers Explore Eclipse Attacks on the Ethereum Blockchain – Nasdaq.com

UK Government Websites Hit By Crypto Mining Malware – CoinDesk

By Wolfie Zhao      February 12, 2018

U.K. government websites and more than 4,000 others worldwide have reportedly been exploited by malware that harnesses visitors’ computers to mine cryptocurrency.

According to BBC, the incident was first revealed after British security researcher Scott Helme, who raised the alarm that users browsing the website of the U.K. Information Commissioner’s Office (ICO) are affected by the malware, dubbed Coinhive, which illicitly mines the anonymous cryptocurrency Monero.

The ICO subsequently closed its website when the issue was revealed, the report indicates. At press time, the site was still down, citing “maintenance.”

More at: UK Government Websites Hit By Crypto Mining Malware – CoinDesk

Is blockchain the answer to security risk in supply chains? – diginomica

By Madeline Bennett      February 6, 2018

Digital connections add new security risks to the supply chain. Companies including IBM and Maersk believe blockchain may provide the answer.

Cyber attacks such as the Target breach and NotPetya malware might be infamous for the resulting financial damage – around $250m and $900m respectively. What should perhaps be more frightening for businesses is that these losses occurred due to errors originating on the supplier side.

The 2013 hack on Target was a result of a spear phishing attack on one of the firm’s contractors. It resulted in the loss of 40 million credit card details, several senior executives – including the CEO – losing their jobs, and financial damages of over $250m. Similarly the NotPetya virus, which last year hit big-name brands including FedEx and shipping giant Maersk, was enabled when a number of Ukrainian businesses had their systems compromised by a malicious update to a popular local accounting software package.

Businesses have always had to be wary of exposure through their supply chain to risks such as fraud, quality failures, disruption and other contingencies. Today’s need to be digitally connected brings a new set of risks in its wake.

More at:  Is blockchain the answer to security risk in supply chains? – diginomica

NASA funds blockchain research to better communications in space – The TeCake

By The TeCake Staff      January 31, 2018

US space agency NASA (National Aeronautics and Space Administration has approved funding for the blockchain research to improve space communication. According to the latest reports, NASA has awarded a grant of $330,000 to scientists of the University of Akron so that they can work more dedicatedly on the potential blockchain technologies for bettering space communications.

The blockchain research team is led by Dr. Jin Wei Kocsis, an assistant professor in the Department of Electrical and Computer Engineering at the University of Akron. Kocsis and his team are developing a Resilient Networking and Computing Paradigm (RNCP) for future space exploration. The official website of the University of Akron stated that Dr. Jin Wei Kocsis has been selected for a prestigious NASA Early Career Faculty grant. “The work done by Kocsis will advance cognitive communications for NASA science and exploration by developing a resilient networking and computing paradigm that will improve the efficiency of space communications,” the website said.

More at: NASA funds blockchain research to better communications in space – The TeCake