Weitere Kapitel dieses Buchs durch Wischen aufrufen
There is a fast-growing desire to look at the technology of blockchain as a method to enhance and further protect mission critical data in large-scale critical national infrastructure (CNI) such as healthcare organisations, ICS and SCADA systems used for key industrial processes. During recent years the level of cyberattacks and attack formations has progressed from ‘script kiddies’ to crime-for-hire (such as ransomware-as-a-service and malware-as-a-service) and more sophisticated attacks designed to take down a whole network infrastructure such as WannaCry ransomware attack in 2017 or the Ukraine 2015 cyberattack shutting down the power grid. Blockchain offers a decentralised method, essentially a trustless environment to store sensitive related data where it can remain private but accessible to where authorised.
Depending on the environment requirements, it can dictate how the data is stored (if on-chain or off-chain) but mainly giving the benefits of immutability, audit trail and enhanced security encryption layers. On a more serious level is the potential for state-sponsored cyberattacks designed to bring down CNI, which tend to be cultivated in more complex manners, and so an added security layer of blockchain may help protect core data.
The positioning of blockchain technology can therefore have a double effect to add to the traditional security layers of regular compliance policy reviews, training, patching, intrusion detection and prevention systems (IDPS) but also provide the enhancements of security and privacy of data.
Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten
Sie möchten Zugang zu diesem Inhalt erhalten? Dann informieren Sie sich jetzt über unsere Produkte:
Angraal, et al. (2017). Blockchain technology: Applications in Healthcare. Circulation: Cardiovascular Quality and Outcomes , 1–4. Available at: https://doi.org/10.1161/CIRCOUTCOMES.117.003800. Accessed 21 Apr 2018.
Ark Invest Research. (2016). How Blockchain can enhance EHR operability. Available at: http://research.ark-invest.com/blockchain-and-healthcare. Accessed 21 Apr 2018.
Aumasson, J. (2017). The impact of quantum computing on cryptography. Computer Fraud & Security, 2017(6), 8–11. Available at: https://doi.org/10.1016/S1361-3723(17)30051-9. Accessed 1 Apr 2018. CrossRef
Azaria, A., Ekblaw, T., Vieira., & Lippman, A. (2016). MedRec: Using Blockchain for medical data access and permission management, 2016 2nd international conference on Open and Big Data (OBD), Vienna, pp. 25–30. Available at: https://doi.org/10.1109/OBD.2016.11. Accessed 30 Dec 2017.
Barwick, H. (2015). Attacks against SCADA systems Soar.Available at: https://www.computerworld.com.au/article/572668/attacks-against-scada-systems-soar/. Accessed 7 Oct 2018.
Breachlevelindex. (2018). Data Breach database. [Online]. Available at: https://breachlevelindex.com/data-breach-database#. Accessed 3 June 2018.
CCDCOE. (2016). NATO Recognises Cyberspace as a ‘Domain of Operations’ at Warsaw Summit .Retrieved from https://ccdcoe.org/nato-recognises-cyberspace-domain-operations-warsawsummit. html.
CERT-UK. (2016). Annual Report 2015/16. Available at: https://www.ncsc.gov.uk/content/files/protected_files/report_files/CERT-UK-Annual-Report-2015-16.pdf. Accessed 6 Oct 2018.
Connell, M. (2017). Russia’s approach to Cyber Warfare. Arlington United States: Center for Naval Analyses. Retrieved from http://www.dtic.mil/docs/citations/AD1032208. Accessed 6 Oct 2018.
CPNI. (2018). Critical national infrastructure Available at: https://www.cpni.gov.uk/critical-national-infrastructure-0. Accessed 7 Oct 2018.
CREST. (2014). CBEST implementation guide. Retrieved from http://www.crest-approved.org/wpcontent/ uploads/2014/07/CBEST-Implementation-Guide.pdf. Accessed 7 Oct 2018.
Databreaches.net. (2016). Baltimore addition treatment clinic hacked; patients’ info up for sale on the web. [Online]. Available at: https://www.databreaches.net/baltimore-addiction-treatment-clinic-hacked-patients-info-up-for-sale-on-dark-web/. Accessed 7 May 2018.
Department of Homeland Security. (2018). Critical national infrastructure sectors. Available at: https://www.dhs.gov/critical-infrastructure-sectors. Accessed 6 Oct 2018.
Fruhlinger, J. (2017). What is Stuxnet, who created it and how does it work? Available at: https://www.csoonline.com/article/3218104/malware/what-is-stuxnet-who-created-it-and-how-does-it-work.html. Accessed 7 Oct 2018.
Gemalto. 2017. Trust in a connected world. [online] Available at: https://www.gemalto.com/investors-site/Documents/2018/Annual-report-2017.pdf. Accessed 7 Oct 2018.
Halamka, J. et al. (2017). The potential for blockchain to transform electronic health records. [Online] Available at: https://hbr.org/2017/03/the-potential-for-blockchain-to-transform-electronic-health-records. Accessed 30 Sept 2018.
Hermann, Jr, R. M. (2017, April ). Cyber war in a small war environment, Doctoral dissertation, Utica College. Retrieved from https://media.proquest.com/media/pq/classic/doc/4322066173/fmt/ai/rep/NPDF?_s=YzZeQegt4q7xdP0lYm7XXDPMULM%3D. Accessed 30 Sept 2018.
Heuer, R. J. (2015). Structured analytical techniques for intelligence analysis (2nd ed.). SAGE press.
Higgins, K., Dark Reading, (2017). Latest Ukraine Blackout Tied to 2015 Cyberattackers. Available at: https://www.darkreading.com/threat-intelligence/latest-ukraine-blackout-tied-to-2015-cyberattackers/d/d-id/1327863. Accessed 7 Oct 2018.
ICO (2018) ‘What action we’ve taken in Q4, what you’ve reported to us and what you can do to stay secure’. [Online]. Available at: https://ico.org.uk/media/action-weve-taken/reports/2014675/data-security-trends-pdf.pdf (Accessed 8 February 2019).
Jay, J. (2018) Healthcare Sector suffered more than half of all cyber-attacks in 2017. [Online]. Available at: https://www.scmagazineuk.com/healthcare-sector-suffered-more-than-half-of-all-cyber-attacks-in-2017/article/763532/?utm_source=hs_email&utm_medium=email&utm_content=62703473&_hsenc=p2ANqtz%2D%2Drrl9qlLIbs5RTh5U6NBARNQlIEVWdyAsQwfiNL80sIcAw9MmgCC8e-xXjGCVox_WaTosWWVdCYDeELjiApOO4g0Wn7w&_hsmi=62703473#new_tab. Accessed 7 May 2018.
Kaspersky Lab ICS CERT. (2018). Threat landscape for industrial automation systems in H2 2017. Available at: https://securelist.com/threat-landscape-for-industrial-automation-systems-in-h2-2017/85053/. Accessed 7 Oct 2018.
Kardos, M. D. (2017). A simple handbook for non-traditional red teaming (No. DST-GROUP-TR- 3335, DODA-AR-016-782). Edinburgh: Defence Science and Technology Group.
Logsdon, M. (2016). Why companies Using SCADA Systems need to wake up to the increased threat of cyber-attacks. Available at: https://www.scmagazineuk.com/why-companies-using-scada-systems-need-wake-increased-threat-cyber-attacks/article/1477598. Accessed 6 Oct 2018.
Mettler, M., (2016). Blockchain technology in healthcare: The revolution starts here 2016 IEEE 18th International Conference on e-Health Networking, Applications and Services (Healthcom) Available at https://doi.org/10.1109/HealthCom.2016.7749510. Accessed 7 Oct 2018.
Morbin, T. (2016). £442 billion potential loss in UK power sector cyber-attack. Available at: https://www.scmagazineuk.com/442-billion-potential-loss-uk-power-sector-cyber-attack/article/1477490. Accessed 6 Oct 2018.
MoD (2013). Red Teaming Guide. Available at: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/142533/20130301_red_teaming_ed2.pdf. Accessed 6 Oct 2018.
NAO. (2017). Investigation: WannaCry cyber-attack and the NHS. Available at: https://www.nao.org.uk/wp-content/uploads/2017/10/Investigation-WannaCry-cyber-attack-and-the-NHS.pdf. Accessed 6 Oct 2018.
NCSC. (2016). 10 steps to Cyber Security. Available at: https://www.ncsc.gov.uk/guidance/10-steps-cyber-security. Accessed 7 Oct 2018.
Nichol, P. (2016). Blockchain applications for healthcare. [Online] Available at: http://www.cio.com/article/3042603/innovation/blockchain-applications-for-healthcare.html. Accessed 22 Sept 2018.
Parliamentary Office of Science and Technology. (2017). ‘Cyber Security of UK Infrastructure’ Available at: http://researchbriefings.files.parliament.uk/documents/POST-PN-0554/POST-PN-0554.pdf. Accessed 7 Oct 2018.
Satoshi, N. (2008). Bitcoin: A Peer-to-Peer electronic cash system 2008. [Online]. Available at: https://bitcoin.org/bitcoin.pdf. Accessed 30 Dec 2017.
Schumacher, A. (2017) Blockchain & Healthcare. 2017 Strategy Guide for the Pharmaceutical Industry, Insurers & Healthcare Providers. [Online]. Available at: https://www.researchgate.net/publication/317936859_Blockchain_Healthcare_-_2017_Strategy_Guide. Accessed 22 Apr 2018.
Strategic Comments. (2017). The WannaCry Ransomware Attack, 23(4), vii–ix, Taylor and Francis. Available at: https://doi.org/10.1080/13567888.2017.1335101. Accessed 7 May 2018.
Swan, M. (2015). Blockchain: Blueprint for a New Economy, USA, O’Reily Media Inc.
Xu, J. (2016). Are blockchains immune to all malicious attacks?. Financial Innovation, 2(1), 1. Available at: https://doi.org/10.1186/s40854-016-0046-5. Accessed 3 Apr 2018.
Zyskind, G., Nathan, O., & Pentland, A. (2015). Decentralizing privacy: Using Blockchain to protect personal data, IEEE Security and Privacy Workshops, San Jose, CA, pp. 180–184. Available at: https://doi.org/10.1109/SPW.2015.27. Accessed 30 Dec 2017.
- The Role of Blockchain in Underpinning Mission Critical Infrastructure
- Chapter 12