The SmartLedger team has been on a media blitz to kick off 2023, having already made several podcast appearances to showcase their new products and talk about the success of Sentinel Node. This week, they appeared on the Food Institute podcast to explain how blockchain can be leveraged for cybersecurity.
Introducing the podcast guests
Bryan Daugherty introduces himself as the co-founder of SmartLedger and the public policy director for the Bitcoin Association.
Gregory Ward is the Chief Development Officer at SmartLedger and the co-founder of CertiHash.
Patryk Walaszczyk is a blockchain solutions expert and business analyst at IBM.
How are cybersecurity threats a rising threat to the food industry and business at large?
The host, Chris Campbell, asks this question right off the bat. Daugherty answers that it’s difficult to think of a more critical industry than agriculture. The food industry is complex and interwoven, and it will increasingly see the application of smart devices, Internet of Things (IoT), and automated farming techniques. Any disruptions can have far-reaching effects throughout the industry, impacting real people’s lives and livelihoods, he says.
Furthermore, the food industry is fragile and dominated by a handful of conglomerates. Shutting any of these down via cyberattack would have devastating consequences and would be a national concern for any country. Daugherty explains that there’s no shortage of groups trying to cause disruption, from hacktivists to cyber gangs and even nation-states.
What about costs? What do companies have to pay when a data breach occurs?
Daugherty explains that JBS Foods was the victim of a ransomware attack, potentially originating from Russia, that shut down operations at 13 meat plants, causing havoc. Farms and restaurants were impacted, and meat prices skyrocketed. In the end, JBS had to pay the extortionists $11 million in BTC. This cost is significant, but it doesn’t even include repairing the company’s reputation, government fines, and more.
Elaborating on the fines, Daugherty points to Equifax, which was fined at least $575 million after a data breach that lost consumer data for millions of people. Needless to say, it’s worth preventing these attacks rather than having to clean them up.
Campbell calls these fines “reactionary” and asks whether the regulatory environment will change in years to come. Daugherty replies that his discussions with policymakers reveal a focus on resilient cybersecurity practices, and they intend to bolster national cybersecurity. Significant resources are being spent on this, including $11 billion earmarked by the Biden administration. Daugherty hopes to see new infrastructure emerge from this investment, which will impact the food industry.
Overall, he expects to see increased pressure to report these breaches in a transparent and auditable manner. Blockchain can help with this, implementing permissioned, shared alerts about events of national concern.
What’s the typical timeline for detecting a hack?
Campbell asks Ward about the typical timeline for detecting a hack. According to a report from IBM, he says it takes around 187 days to detect a beach and a further 75 days to contain it. The SmartLedger team feels this is unacceptable, and their tool, Sentinel Node, can significantly reduce that time.
What’s the traditional forensic process like (pre-blockchain)? Walaszczyk explains that the forensic process isn’t significantly different from Sentinel Node, but it should be much faster and cheaper. Preservation of evidence is key, and if this isn’t done properly, everything else becomes invalid.
Elaborating on the process, Walaszczyk explains that the first step is to identify if a breach really happened, then we must learn how it occurred and its size, followed by sending the appropriate notifications, and once everything has been confirmed, the incidence response plan must be followed. Once again, evidence preservation is crucial.
This whole process could take up to 270 days, and Sentinel Node can significantly reduce this time. How quick could it be? A minute or less, Walaszczyk says. The main purpose is to reduce the identification time, speeding up the entire process of identifying breaches.
What are the other benefits of using blockchain technology for cybersecurity? Walaszczyk explains that the first step in grasping these is to understand what the blockchain really is. It’s essentially a database with some unique characteristics, including decentralization and immutability. This means nobody can remove or alter the data that has been written to the blockchain. From the perspective of a tool like Sentinel Node, this means auditors can be sure the data they’re looking at is legitimate and has not been tampered with by attackers or other third parties.
More about Sentinel Node
Campbell asks Ward to tell us more about Sentinel Node specifically. Ward explains that it combines real-time network file integrity monitoring and administrator accountability with scalable blockchain technology. Without the BSV blockchain, this product could not exist.
Sentinel Node is extremely simple to install, Ward says. The administrator can then log in with their private access key and observe real-time checking of the state of the network (every 10 seconds). If any alert is detected, it is immediately sent to the administrator and other permissioned stakeholders. Whoever handles this alert will have to sign in with their enterprise blockchain access key, creating true administrator accountability.
Campbell is intrigued by the accountability part.
“Accountability and integrity of data are everything. That’s why we’re creating these tools,” Ward explains.
He goes on to say that attackers almost always try to delete logs and cover their tracks, but Sentinel Node, with its real-time data written to the public blockchain, makes that impossible. It also allows companies and organizations to figure out who took what actions when the alert was raised.
Key takeaways from this podcast episode
- Cyberattacks such as ransomware and network breaches are a growing concern for the global food industry. An attack can have wide-reaching implications because it is so fragile and interconnected.
- These attacks can be extremely costly for the companies and organizations involved. The costs are increased further when government fines are factored in.
- The current average detection time for network breaches is 187 days. It can take a further 75 days to contain breaches and attacks.
- Blockchain-based cybersecurity tools like Sentinel Node can reduce detection times dramatically (to under a minute). They can also create true accountability, allowing organizations to see exactly how the breach occurred and who within the organization dealt with the alerts, and what actions they took.
Watch: CoinGeek Weekly Livestream with Kurt Wuckert Jr. featuring SmartLedger
New to blockchain? Check out CoinGeek’s Blockchain for Beginners section, the ultimate resource guide to learn more about blockchain technology.
