Modern field guide to security and privacy

Opinion: The tech behind Bitcoin could reinvent cybersecurity

Blockchains track, record, and secure transactions made within the virtual currency Bitcoin. They can also help defend many critical systems from devastating cyberattacks.

David Gray/Reuters/File
A customer of an Australian bank walks away after withdrawing money from an ATM next to a Bitcoin ATM.

Given the recent cyberattacks on critical infrastructure around the world such as the Christmas 2016 power outage in Ukraine, which left more than 200,000 people in the dark, the task of protecting vital systems and networks has become an issue of pressing global importance.

Meeting that challenge requires improving digital security standards and practices across all industries. It also demands investing in the newest and most promising technologies such as blockchains.

Though Bitcoin gets most of the press, the technology undergirding it – blockchains – has the potential to transform business, and maybe even revolutionize cybersecurity. 

A blockchain is simply an online ledger, e.g., a distributed database of who owns what. The database is separated into transactions, called blocks. Once a new block is added to the chain, the data in the block cannot be changed, the digital equivalent of etching a Bitcoin transaction in stone.

From making businesses more efficient to recording property deeds to securing medical devices, a range of huge organizations are investigating in new ways to deploy blockchain technology. Startups in the space have attracted more than $1 billion in funding. Even the Defense Advanced Research Projects Agency, the Pentagon's experimental brain trust, is researching blockchain technology to "create an unhackable messaging system."

But to date, relatively few firms are exploring the application of blockchain technology to help safeguard critical infrastructure. That needs to change, both on the part of US business leaders and policymakers.

One example of this kind of innovation is already underway. The cybersecurity firm Guardtime uses blockchain technology to secure Britain’s power grid, including its nuclear power plants and flood defenses. Guardtime uses blockchain technology known as Keyless Signature Infrastructure (KSI) to detect “unauthorized changes in software configurations [by] ... providing a complete chain of the history of the data that is generated and transmitted.”

Estonia is also using Guardtime's approach and looking into ways blockchains can authenticate marriage records and health data. US critical infrastructure operators and policymakers could learn from Estonia’s experimentation, while understanding the limitations of the technology.

The anonymous developer known as Satoshi Nakamoto outlined the protocol that leveraged peer-to-peer technology to create Bitcoin. It's a deceptively simple innovation that "set off a spark that has excited, terrified, or otherwise captured the imagination of the computing world and has spread like wildfire." Netscape cocreator Marc Andreessen called the innovation “the distributed trust network that the internet always needed and never had.”

Indeed, blockchains have the potential to, according to the Economist, “transform how people and businesses cooperate.” Such an outcome is by no means predetermined with an array of technological, economic, political, and governance issues to be overcome.

Undoubtedly, there is significant hype associated with blockchains, and they will be improperly deployed in some scenarios where a more traditional ledger might be suitable. However, in security, there is frequently a need for an authentic log of data, transactions, and records. If the authenticity of such records is mutable by a few authorities, then there is concern that targeted foul play can lead to untrustworthy records. Alternately, in some scenarios there are few clear authorities that should be trusted to establish authenticity – and those authorities may not themselves have mutual trust – meaning that a more grassroots approach is necessary.

Still, the promise of this technology, especially in the context of enhancing cybersecurity in critical infrastructure systems, deserves our sustained attention. In other words, a sustainable blockchain edifice will not be built overnight, it will take ongoing attention by numerous stakeholders – including policymakers – over a period of years, perhaps decades. But by starting now, block-by-block, we can build trust in an age that has to date been defined by increasing cyber insecurity.

Scott Shackelford is an associate professor of business law and ethics at the Indiana University Kelley School of Business, as well as director of the Ostrom Workshop Program on Cybersecurity and Internet Governance, and Cybersecurity Program Chair of IU’s MS in Cybersecurity Risk Management. He is also a research fellow at the Harvard Kennedy School.

Steven Myers is an associate professor in the Department of Computer Science in the School of Informatics and Computing at Indiana University, where he is also the School's Security Programs Director, and a member of the Center for Applied Cybersecurity. 

The full article on which this essay is based, “Block-by-Block: Leveraging the Power of Blockchain Technology to Build Trust and Promote Cyber Peace” is forthcoming in the Yale Journal of Law and Technology. 

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to

QR Code to Opinion: The tech behind Bitcoin could reinvent cybersecurity
Read this article in
QR Code to Subscription page
Start your subscription today