Blockchain Could Save Governments From Cyber Attacks, But There Are 2 Risks

Jay Clayton, chairman of the SEC. Chip Somodevilla/Getty Images

Jay Clayton, the chairman of the Securities and Exchange Commission (SEC), said at a Congress hearing this week that the cryptocurrency space can be divided into three areas: the blockchain technology underlying major digital currencies, the digital currencies themselves and derivative products built on top of these currencies—often in the form of securities sold through initial coin offerings (ICOs).

While cryptocurrencies and ICOs give regulators major headaches, blockchain, or distributed ledger technology, increasingly seems to be something of true value that regulators eagerly want to put to good use.

“Just look around anywhere in our economy where verification and record keeping have cost and [that cost] can potentially be reduced. That is an opportunity for this technology,” Clayton said on Tuesday.

Echoing Clayton’s view, J. Christopher Giancarlo, chairman of the Commodity Futures Trading Commission (CFTC), who also testified at Tuesday’s hearing, said blockchain “has got enormous potentials.” 

The same discussion is happening at state level, as well, although it’s still at early stages.

New York State, for example, is considering forming a government working group to study blockchain technology and how it could benefit the day-to-day work at state agencies.

New York State Assemblyman Clyde Vanel told Observer earlier this week that cybersecurity would be a major area of discussion, given recent incidences of cyber attacks on government databases. 

Currently, most government agencies and business organizations adopt a “fence-and-deck” strategy to protect databases, often involving the use of anti-virus software, centralized authentication systems or firewalls.

“Most of these tools have been around for a really long time. And newer versions of them are just variations on the theme. They are not drastically new,” Jason Kichen, a former U.S. government intelligence officer who is now the director of security operations and research at a private company called Versive, told Observer.

Blockchain, by contrast, challenges the conventional wisdom that, in order to keep things safe, it’s best to lock it all in one place. By hosting safeguard software on multiple servers, blockchain makes it impossible for a hacker to break into a system with one fake login credential and comprise the entire system.

However, Kichen warns that the blockchain approach bears two risks, especially for government agencies.

“Within large organizations, there’s always a turf battle. There’s always [a battle of] who owns what piece of the environment,” Kichen said.

Instituting a decentralized safety networks eliminates the need for a central authority who controls a database.

Although a security officer will still own the distributed network, “it feels like you are losing that power,” Kichen said. “It’s not a technical problem, but a political one.”

The other risk is blockchain’s unknown technical risks, which could make it a dangerous tool, given government agencies’ inherent low tolerance for risks.

“We can talk theoretically about all the value that blockchain can provide on the security side, but, because no one has really done this in a large scale yet, you don’t know what additional technical vulnerabilities that it would introduce to your system,” Kichen said.

“So, my recommendation would be to watch the space for some period of time, and see how it plays out in the private sector,” he added.

Blockchain Could Save Governments From Cyber Attacks, But There Are 2 Risks