One of the questions I’m frequently asked is how cryptocurrencies work (e.g., Bitcoin). For some, our first exposure to cryptocurrency was in the aftermath of a ransomware event. Crooks don’t accept checks, so the fact that cryptocurrency provides an untraceable means of payment is perhaps the only reason for ransomware in the first place. For others, we first heard of cryptocurrency through the realm of currency speculation. Bitcoin, for example, surged from a starting price of $995 in January 2017 to a peak of $19,065 later that year. Some people made a lot of money. Of course, it’s fluctuated wildly since then, and many investors took substantial losses.

So how do cryptocurrencies work? What makes them different from wire transfers through a central bank? This is where a technology called “blockchain” comes into play. Blockchains are distributed, decentralized ledgers that are not managed by a single central entity (e.g., a bank). Instead, the ledgers are managed by a group of people who “mine” transactions and ensure that the ledgers stay up-to-date and accurate. The blockchain is a series of blocks attached to the ones before it, each with a digital timestamp of when it was created. Once a transaction is recorded inside the block, it becomes virtually impossible to change it, as doing so would cause the block to differ from what’s recorded in the corresponding block in all other miners’ ledgers.

At a lower level, when a new block is added to the chain, it contains some data, a hash of the block, and the hash of the previous block in the chain. If someone tries to tamper with the block (say, deposit $1MM to his account), the hash value for that block will become incorrect. Hackers might try to get around this by recomputing hashes for all the blocks, but a feature called “proof of work” requires a 10-minute hold-down in order to add a new block to the chain. Thus, wait time becomes an insurmountable deterrent to tampering with the block. The blocks are also distributed through a peer-to-peer network, and all miners receive full copies of the blockchain. New blocks are sent to everyone and added to the previous block in everyone’s ledgers. If a block has been tampered with, it will be rejected.

Blockchain technology therefore provides a way to ensure the integrity of each transaction without the need for a singular, central entity like a bank to vouch for it. In that respect, it’s positioned as a possible replacement for the central banking system as we know it. But its potential uses extend far beyond banking. Anywhere information is shared between multiple people or entities is a possible opportunity for blockchain. Storing electronic medical records, contracts, voting records, background checks, digital wallets and keys, backups, and any other type of information for which integrity is paramount is a viable use case. Even the decentralization of trade (by eliminating the need for intermediaries) is a possible outcome. It’s a fascinating technology that provides a failsafe way to ensure integrity (one of the three pillars of security) by eliminating single points of compromise, and we’ll be hearing about and using it more and more in the months and years to come.

Ross is the CISO at Symplexity. He has achieved CCIE Security and CISSP certifications, an MBA from the University of Notre Dame, and has 20 years of experience in the fields of computer and network security engineering and consulting. Ross provides virtual CISO services for our Symplexity Secure clients and helps them to identify information security risks and implement administrative, procedural, and technical controls to mitigate. He works effectively with both technical and managerial personnel and is a trusted resource for our clients.

Ready to take your technology to the next level?

Contact Us Now