From Encrypted Messaging to Critical Fire Systems: Blockchain for Security Sector
Blockchain-based systems’ decentralized nature makes for their formidable resiliency to the outsiders’ attempts to infiltrate or take down such networks. Governments, law enforcement agencies and even military leadership around the world seem to be embracing a more blockchain-friendly way of thinking as they realize that the power of distributed ledger technology (DLT) could be harnessed to advance their goals in numerous ways. This generates increased demand for security-enhancing solutions, which pushes the private sector to come up with such products at an ever-increasing pace.
The latest use case – Israel’s securities regulator introducing a blockchain-powered messaging system in order to ensure authenticity of its communications – is an instance of a prevalent, yet not exclusive, area of the technology’s security application: data protection.
Ensuring data security and integrity is blockchain’s natural and widely recognized forte. The need to keep critical data safe and provably unaltered is even more pronounced in areas such as law enforcement and defense, where the consequences of failing to protect data might be especially dreadful. In recent years, governments have been peeking into the blockchain space en masse, so the examples of both potential and already operational implementation are abundant.
In May 2016, NATO’s Communications and Information Agency first invited proposals on blockchain applications in areas such as military logistics and procurement as a part of its Innovation Challenge initiative. Around the same time, The US Defense Advanced Research Projects Agency (DARPA), the very organization that we should thank for creating the internet, announced that it was accepting bids from contractors who would ‘create a secure messaging and transaction platform that separates the message creation, from the transfer (transport) and reception of the message using a decentralized messaging backbone to allow anyone anywhere the ability to send a secure message or conduct other transactions across multiple channels traceable in a decentralized ledger.’ In May 2017, the agency awarded a grant to a firm that subscribed to create this DLT-based messaging system.
Across the Atlantic, the Defence Science and Technology Laboratory, part of the UK Ministry of Defence, has been working with a domestic consultancy firm on a project aimed at improving integrity of data produced by networked sensors. Reuters also reported in late 2017 that the British justice ministry considered implementing a blockchain-powered solution to keep evidence tamper-proof.
Australia's financial intelligence agency and the Australian Criminal Intelligence Commission pooled some resources last year to fund the effort by HoustonKemp, a Singapore-based contractor, to build a blockchain system advancing the same goal – securely recording, storing, and sharing sensitive intelligence and evidence created by investigations.
Russia, too, has been wasting no time, as its Ministry of Defense designated a newly built research laboratory to explore the potential applications of blockchain technology for safeguarding critical military infrastructure from cyber attacks.
Tech corporations that are into the business of building blockchain applications do not just stand on the sidelines waiting for governmental agencies’ bid issuances. A few days ago, news broke that IBM registered a patent for a network security solution that relies on a distributed network of monitors to track breaches in systems’ defenses. This design will be especially effective against sophisticated attacks that cover up their own tracks. Even if one monitor is hacked, others will spot irregularities in system logs as they diverge from a previously blockchain-recorded consensus.
Another product specifically aimed at law enforcement and related organizations, called the Blockchain Evidence Locker, hit the market in September. A creation from Canadian firm Leonovus, the product is designed to maintain a detailed, cryptographically secured chain of custody record for the growing body of digital evidence that security agencies store. Overall, it won’t be surprising if within a decade maintaining a distributed and encrypted database of evidence will become a standard for law enforcement in the developed world.
Another common and well-documented application of blockchain technology for security and law enforcement purposes manifests in a wide range of tools that permit tracking suspicious or illegal financial activity, with the ultimate goal of matching pseudonymous crypto addresses with perpetrators of real crime. In this domain, police and intelligence agencies often operate in collaboration with private companies that build and maintain relevant software tools, or even completely outsource investigative work to them.
One of the notable features of this sector is a ‘blockchain detective’ firm Chainalysis, whose software has been instrumental in multiple investigations led by the US Department of Justice and other prominent agencies. Chainalysis has recently raised millions of dollars to expand its operations from a single Bitcoin blockchain that it previously scrutinized to a much wider array of cryptocurrencies.
London-based Elliptic, which often secures a mention next to Chainalysis as its closest competitor, has created tools that allow crypto exchanges or other interested parties to red-flag transactions that raise suspicions of being linked to illicit activities. Elliptic’s solutions are specifically focused on stopping criminals at the choke point where they attempt to cash out the shady money.
This year also saw San Francisco-based Bitfury group, an entity that started as bitcoin miner but moved on to become a provider of a wider set of crypto-related products and services, launch its blockchain-tracking software called Crystal. The product offers an in-depth look into any transaction on the Bitcoin blockchain, which involves advanced mapping and grouping tools, as well as a quantified assessment of the odds that a given transaction is illegal.
As the widespread perception of a robust link that exists between cryptocurrency and cybercrime taints the whole industry, many crypto ventures are eager to prove the stereotype inaccurate. This push resulted in creation of Blockchain Alliance, a coalition of companies whose mission is to ‘provide a forum for open dialogue between industry and law enforcement and regulatory agencies’ while combating crimes that use public blockchain infrastructure. Along with providing software tools that have already been deployed by agencies such as Europol and the US Department of Homeland Security in some high-profile investigations, Blockchain Alliance emphasizes the need to educate law enforcement on the technology underlying cybercrimes and the most efficient ways to deal with it.
Granted, innovation-minded generals and military technology experts have been long eyeing applications of blockchain such as military logistics, cyber defense, and resilient communications. Yet some even more exciting uses might be on the horizon, as the technology’s potential extends into command and control systems, and even further – onto the battlefield.
For example, in October 2016, DARPA spent some $1.8 million to pay a software company named Galois for their Blockchain application Guardtime Keyless Signature Infrastructure – basically, an unhackable code that could be deployed to enhance security in critical weapon systems. Using a mathematical technique called formal verification, the program will ensure that the system is used as intended, and no malicious code is planted within.
Pairing blockchain with artificial intelligence and military ‘Internet of Things' (IoT) could be the future of combat tactics, shifting from the centuries-old paradigm of centralized in-battle control to decentralized, at least at the unit level. Imagine a swarm of armed drones that continuously share combat data and decisions in a decentralized manner, operating as a unified organism that is not beholden to a single decision-making center and is capable of sustaining any casualties without losing operational capacity.
Another field ripe for decentralization of command is complex fire systems, such as those found on modern battleships. For the last five decades, NATO navies’ vessels have relied on a centralized system of weapons control called Aegis Combat System – an ingenious yet centralized brain that collects data from dozens of sensors and coordinates fire from several types of deadly weapons simultaneously. Despite its age, it still works well, but the centralized character makes it vulnerable if the decision-making center gets taken out. A set of autonomous systems that coordinate via a blockchain could present a more viable design, retaining advantages of coordination but eliminating vulnerabilities inherent to central control.