Cybercriminals are using blockchain to improve security. Should you?

Business-minded hackers are testing blockchain technologies to secure their illegal operations. Here's what enterprises can learn from them.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

At its height, the AlphaBay dark web market had 40,000 vendors, more than 400,000 users, and was facilitating more than $600,000 worth of illegal transactions daily. July 2017 saw both AlphaBay and rival marketplace Hansa taken down by law enforcement agencies as part of Operation Bayonet.

In the same way the takedown of Silk Road in 2013 didn’t stop the illegal activity going on online, the removal of AlphaBay and Hansa has failed to halt criminal activity. They’ve simply moved on and changed tactics.

“The shift away from marketplaces was happening before, but once the takedowns [of Alphabay and Hansa] happened, that was a big wake-up call” says Rafael Amado, strategy and research analyst at Digital Shadows. “Cybercriminals are very flexible and creative, and what they're doing is using a mixture of old techniques and some newer techniques to stay alive and to continue operating.”

While the chief fallout has been a big increase in the use of encrypted messaging services such as Discord and Telegram, a small but growing number of criminals are using blockchain-based technologies to help secure their operations. Are cybercriminals ahead of the pack when it comes to getting value from blockchain?

How cyber criminals use blockchain to stay secure

While still a nascent technology, there are security-based use cases for blockchain including  authentication for IoT and edge devices, ensuring data integrity, and around identity and access management. Swiss backup company Acronis, for example, uses it to identity whether files have been tampered with.

To continue reading this article register now

SUBSCRIBE! Get the best of CSO delivered to your email inbox.