X-Force Red, IBM’s blockchain and cybersecurity team, just launched a blockchain testing service that aims to help businesses test and secure their private blockchain networks.
The distributed nature of blockchain technology makes it highly resilient to hacking, but with so many enterprise blockchain solutions being deployed, processes and systems could become more vulnerable and at risk of cyber-attack. So there’s a growing need to invest in robust cyber security strategies for blockchain networks.
X-Force Red Blockchain Testing
IBM has been focusing on making this disruptive technology more secure by providing robust cybersecurity standards for enterprise blockchain implementation. The X-Force Red Blockchain Testing service will conduct tests on the blockchain infrastructure and examine backend processes, blockchain code, physical hardware, public key infrastructure, access control, and applications.
IBM says that 70 percent of the blockchain implementations it has observed in recent time rely on off-ledger systems for processes such as authentication, APIs, and data processing. This leaves many enterprise blockchain networks vulnerable to potential cyber attacks. The X-Force Red blockchain service can now assist organizations secure these implementations from network design all the way through deployment and post-implementation.
The X-Force Red blockchain team, which is made up of veteran hackers, will share their experience and expertise to understand the potential security risks associated with blockchain ecosystems. More specifically, the team will evaluate how permissions to access and add information to the blockchain are managed. The group will also assess password policies, smart contract security flaws and weaknesses, and software supply chain attacks. The “attacker mindset” expertise of X-Force Red will enable companies to identify and fix vulnerabilities in their blockchain networks as quickly as possible to prevent attacks by criminals.
Global Head of IBM X-Force Red, Charles Henderson commented:
“While blockchain is a breakthrough for protecting the integrity of data, that does not mean the solutions that leverage it are immune from attackers, which is why security testing is essential during development and after deployment,”
Blockchain and cyber security
Although the immutability of blockchain ledger makes it very hard to hack by tampering with data and information, there are some ways criminals use to subvert a blockchain. There are cases where flaws in blockchain code have led to cyber attacks and data breaches. For example, DAO (decentralized autonomous organization) suffered a serious attack that led to the theft of $50m worth of cryptocurrency.
It is therefore important for companies to pay attention to the security of their blockchain infrastructure. This effort by IBM will not only help businesses secure their solutions, but also enable widespread enterprise adoption of blockchain.