BLOCKCHAIN VS CYBER-TERRORISM

By IMBA-Exchange on The Capital

Photo from the source

Modern blockchain technologies are a revolutionary phenomenon that is equal in importance to the Internet’s brilliant invention of the 20th century. Originally developed for the digital currency of bitcoin and the launch of the network of the same name, blockchain technologies created a platform for a new type of Internet, influenced the decentralization of the Network by the principle of a distributed registry, and began to be used in all kinds of combinations and combinations for various purposes, including cybersecurity.

The use of blockchain technology to ensure cybersecurity is unlimited thanks to such unique properties as reliability, accessibility, high adaptability, economic efficiency, and profitability. The use of blockchain technologies to combat cybercrime, including cyber terrorism, can extend to control over financial services, transport, or any other industry. However, the growth of criminal activity using blockchain technologies will also intensify if law enforcement agencies cannot technologically competently, at a faster pace, detect these developing centers, determine their actions, and destroy plans.

The life of modern society is marked by the rapid development of computer technology, a massive increase in the number of Internet users, and general cyber integration. The digital transformation has embraced such fundamental areas of activity as public administration, economics, politics, legislation, legal proceedings, business, management, education, and science. Communication, training, banking, shopping, information storage, and much more have moved into the virtual space. One of the main roles in these processes belongs to blockchain technology in its various varieties and combinations.

Undoubtedly, blockchain is a revolutionary phenomenon, insignificance compared with the ingenious invention of the 20th century — the Internet. Initially (2008), blockchain technology was developed for the digital currency Bitcoin, called “digital gold”, and the launch of the Bitcoin network. The term “blockchain” meant a fully replicated distributed database (registry) of data and refers to transactions in various cryptocurrencies. Subsequently, blockchain technology was extended to other interconnected information blocks. Currently, new options and uses of the blockchain are being developed and implemented. So, the explosion of the spread of digital information led to the fact that blockchain technology created a platform for a new type of Internet and contributed to the emergence of decentralized services. Unlike the centralized approach, the new services are based on a decentralized distributed network that can be used for various purposes, including cybersecurity.

Blockchain technology is based on the fact that each user of a database based on the blockchain has a full copy of it (distributed registry rule). After any changes to this database, new information is synchronized on the computers of all users. Thus, there is no central depository that stores the database, monitors its relevance, reliably protects against attacks, since the loss of the database on one or even several computers does not affect the safety of information: the same copies are stored by other users. And if there are thousands, millions, or tens of millions of such virtual storages, then such a database can be considered relatively invulnerable.

Through the blockchain, information through distributed records is decentralized, sequentially hashed, and encrypted, which makes it almost impossible for attackers to identify and interpret it. Each time when new data is included in the distributed registry, the next block is created containing a cryptographically generated key that serves to unlock the record.

A specific feature of the blockchain technology is that making changes to the database (registry) is final and irreversible: transaction information is sealed in a virtual block, which, after registering the action, is synchronized with all copies of the registry. In this case, the blocks are sequentially lined up in a chain. Thus, the blockchain technology reliably relieves the registry of fakes and fraudulent actions due to the fact that making changes is possible only in that part that the user of the registry owns and also provides complete transparency of operations in the registry and traceability of the entire chain of blocks from the moment of creation. The data storage period in the blockchain registry is unlimited, that is, information can be stored virtually forever.

To date, blockchain is most in-demand in the financial sector (the creation of digital currencies, transactions, exchange, and storage of financial information). He received application use in other areas, such as smart contracts, registration of public records (registration of ownership of the real estate, licensing, creation and liquidation of organizations, civil registration, issuance of digital identification cards, driver’s licenses, electronic medical records and etc.).

At the same time, the blockchain has its own weaknesses. In particular, when more than 51% of nodal points (computing power) are concentrated in one closed chain (pool), it gains absolute control over the process of registering transactions in the blockchain, negating the fundamental property of the blockchain — decentralization of data registers(1* Allen J. How Blockchain Could Help Fight Cybercrime). In addition, the blockchain is not as anonymous as is commonly believed. The blockchain system serves as a virtual record of all transactions on the Web, accessible to all users of the blockchain. “Transparency” and the general availability of the blockchain mean that any user with a sufficient level of computer literacy is able to track the digital traces of anonymous traders. In this regard, to increase security and anonymity, the blockchain is often used on the darknet — the shadow Internet (from the English DarkNet — the dark network) — with the anonymous software The Onion Router (TOR), which is a system of proxies that secretly access the Internet, keep anonymity when visiting sites, instant messaging, working with applications, etc (2* Malik N. How Criminals And Terrorists Use Cryptocurrency: And How To Stop It).

1* The article is available here

2* The article is available here

In addition to providing obvious advantages and a new quality of life, total digitalization entailed not only a large-scale dependence of society on information technology but also the emergence of cybercrime, as well as its most destructive forms — cyber terrorism and cyber extremism. The Internet has been realized in the creation of cyberspace in which terrorists and extremists can quickly and anonymously carry out an extensive exchange of information, seamlessly make communications, and attack objects of great value to them.

Today, such terrorist groups as Hamas, Hezbollah, Al Qaeda, as well as hundreds of others, are actively working on the Web. Militant radical organizations see the Internet as an ideal arena for illegal activities because of the extremely inadequate legislative regulation of relations in the cyber network, the unhindered distribution of the flow of free information, and easy access to online space from almost anywhere in the world.

Superpower for cyber terrorists created darknet, as well as fiscal-uncontrolled digital computing, virtual logistics, instant messaging, the anonymity of transactions. Cybercriminals use the decentralized organization of the shadow Internet to conduct illegal transactions, to receive payments from victims of extortion, and to launder income. In order to carry out criminal intentions, terrorist organizations are actively using digital technologies — blockchain, artificial intelligence, big data, augmented and virtual reality, robotics, 3D printing, and others. The Internet is used by them for secure communication, collecting information, disseminating propaganda, applying cyber attacks to bases data and critical information infrastructures, conducting psychological and unleashing a real war, recruiting, recruiting fighters and sympathizers.

Bitcoin has become a favorite currency for darknet markets. On the shady Internet, cyber-terrorists for cryptocurrency can buy anything, including drugs, medicines, weapons, killers, anonymously participate in human trafficking, bullying, intimidation, provocation, and terrorist and extremist acts. A recent study showed that almost half of all Bitcoin transactions are illegal (3* Allman K. The dark side of the Bitcoin/Law Society of NSW Journal. Iss.). 42 The increase in criminal activity using cryptocurrencies is likely to intensify if law enforcement agencies cannot technologically detect these emerging markets, determine their actions, and destroy plans.

3* The article is available here

In this context, it is necessary to briefly, in the most general form, explain what is meant by cyber terrorism and what are its distinguishing features. In this regard, there are many opinions, approaches, terms, no unambiguous and generally accepted definition of cyber terrorism has yet been given. This, in our opinion, was a serious omission, since it is necessary to know for sure and specifically understand all the phenomena that one has to face and struggle with.

Cyberterrorism is often understood to mean cybercrime, but the obvious difference between cyberterrorism is a political (and/or ideological, religious-ethnic, social) motive. Cybercrime is aimed solely at financial gain.

Based on the analysis and generalization of various international sources, we can conclude that cyber terrorism is a deliberate, ideologically and politically motivated criminal activity carried out in cyberspace through digital technology and directed against information, computer systems, computer programs, and databases, as well as objects of critical information infrastructure, which poses a threat to the life or health of people or the onset of other grave consequences if such actions were taken with the aim of violating public safety, intimidating the population and authorities, achieving criminal intentions, provoking a military conflict. At the same time, terrorist cyber attacks can be aimed at objects of both a virtual environment and reality.

A distinctive feature of cyber-terrorist acts (attacks) is that, as a rule, they are aimed at critical infrastructure systems to turn off, for example, a water treatment plant, cause a regional power outage, disrupt the operation of a pipeline, oil refinery or transportation facilities. According to the U.S. Critical Infrastructure Protection Commission, possible targets for cyber terrorism include the banking industry, military facilities, power plants, air traffic control centers, and water systems (4* Rouse M. Cyberterrorism.). Such cyberattacks can destroy large cities, disrupt political elections in government, collapse the country’s financial system, cause a public health crisis, cause disruptions in food supplies, jeopardize public and state security, and cause massive panic and death.

4* The article is available here

Cyberterror operations can be carried out using a variety of cyber technologies, including:

  • various types of malware, for example, X-Agent, X-Tunnel, PsExec and other programs for remotely executing commands, transferring files, spying on keystrokes, destroying traces of one’s stay on the Web, periodically clearing event logs and changing time attributes, changing files;
  • Advanced persistent threat (APT) is a complex and concentrated network attack, as a result of which terrorists gain access to the corporate network and go unnoticed there for a long period with the aim of stealing data without damaging the network or organization directly. Typically, APT attacks target organizations in sectors with valuable information, such as national defense, manufacturing, and the financial industry;
  • Malicious viruses, computer “worms” and software control systems for critical infrastructure objects (water supply, transportation systems, electric networks, military systems, environmental complexes, etc.);
  • DoS attacks and DDoS attacks, which are skillfully applied by terrorist hackers to disable corporate systems and networks. Often carried out as part of cyber extraction;
  • Hacking and theft of critical data of government agencies, institutions, and enterprises;
  • Attack Ransomware, who hold hostage systems until victims pay a ransom;
  • Fishing attacks are the most common type of cyber attack, which is an attempt by cybercriminals to collect information from victims by e-mail, which they can then use to access systems or to steal the victim’s personal data.

For secret communication on the Internet when planning actions and coordinating attacks by terrorist organizations, encrypted Telegram or Signal communication platforms are increasingly being used. Jihadists prefer Twitter and Facebook to spread ideological propaganda. Cyber extremists actively use WhatsApp, Threema, Kik, Wickr, and SureSpot programs and messages to exchange messages.

Programs such as Google.Maps are capable of providing extremely important information for terrorists about the location of specific settlements or objects, finding possible entry points to places where terrorist attacks are planned, and also considering safe escape and evacuation routes. Potential terrorists can find almost any training material on the darknet: instructions for creating improvised incendiary and explosive devices, kidnapping and keeping hostages, blackmailing, and intimidating victims. There are even guides on how to effectively avoid online control by anti-terrorist groups.

The technological transformation, the launch of the shadow Internet and the active use of digital technologies by terrorist organizations have contributed to the emergence of new dangerous trends in modern online terrorist activities:

1) a steady and large-scale increase in cyber-terrorism;

2) targeted dissemination of ideological and instructive information to a specific and most receptive audience;

3) comprehensive support and encouragement of single followers.

In the last decade, thanks to the Internet and the use of digital technology, the operational planning of terrorists has become more decentralized, sophisticated, and technologically advanced. Cyberspace is cross-border, so if a cyber-terrorist act is committed, it is difficult to establish the location of the terrorists. The location of the computer with which the terrorist act is committed rarely coincides with the location of the target and the consequences of the act. In addition, the technological problem is the safety of the traces of the crime and, accordingly, the process of tracing its perpetrators, which significantly reduces the chances of them being detected and neutralized. The answers to the questions remain unclear: will terrorist attacks move into cyberspace and will the number of real terrorist acts (explosions, arson, executions, hostage-taking, vehicle hijackings, etc.) be reduced, or will terrorism remain just as violent and physically pronounced?

The transnational nature of cyber terrorism is responsible for the close interaction between law enforcement agencies and IT specialists from different countries. In order to ensure the sharing of financial intelligence and information related to the criminal use of digital currencies, in particular the financing of cyber terrorism, in 2016 Europol, Interpol, and the Basel Management Institute created a joint anti-money laundering unit specializing in digital currencies. The group’s tasks include collecting and analyzing information about the criminal use of cryptocurrencies, investigating the storage of proceeds from crime, organizing annual seminars and meetings of representatives of three departments, and other institutions, as well as creating a network of Bitcoin crime specialists (5* Europol and Interpol to fight cryptocurrency crime together). With the support of Europol, in July 2017, the two largest darknet markets AlphaBay and Hansa Market were closed, which was the result of a major international operation in which the United States, Canada, Thailand, Holland, Great Britain, France, Lithuania, as well as representatives of Europol, FBI and US Drug Enforcement Administration (6* Galbraith K. The Emerging Threat of Cyberterrorism/Australian Outlook).

5* The article is available here

6* The article is available here

Obviously, in order to prevent terrorist threats and radicalization in cyberspace, law enforcement agencies must be able to technologically be one step ahead of cybercrime. The resourcefulness and professionalism of modern cyber terrorists, as well as their fantastically increased technological capabilities, require law enforcement agencies around the world to develop adequate mechanisms to counter cyber terrorism, a strategy for combating which should be aimed at preventing and minimizing the threats and risks posed by global digitalization. The ultimate goal of such an approach should be to exclude any opportunities for terrorist action, both in the real world and in cyberspace.

Blockchain opens up new ultra-efficient ways to counter cyber attacks in various ways, one of which is reliable data protection from hacking, theft, or destruction of valuable information. If, when a traditional centralized system is hacked, a hacker can gain access to all thousands of objects in one entrance, then when a decentralized blockchain system is hacked, cybercriminals can access only one fragment, which makes their actions more time-consuming, since they will have to crack the database many times to get full information. In turn, the security services and law enforcement agencies have additional time to identify the source of danger and eliminate the threat.

The possibility of preventing cyber-attacks is laid down in the very principle of a decentralized blockchain system, which not only provides a decentralized network for storing information but also guarantees its security due to the resistance to cracking of hashed and encrypted blocks. A blockchain-based server can minimize attacks by creating a more extensive network and distributing control between different users. The presence of automatically distributed ledgers and an unchanged transaction history helps prevent cyber attacks. Sequential hashing and encryption of information allow you to maintain data integrity.

The principle of distributed network security can also be applied to protect such a vital external infrastructure as the domain name service (DNS) of company websites. In 2016, a powerful cyber attack on Twitter and Spotify demonstrated the vulnerability of the current DNS practice, namely, that the access key is stored on only one server, and its reliability is built on hashing by encoding and cryptography. A server based on a distributed blockchain registry creates a wider network of security keys, which is guaranteed to minimize the risk of hacking or system destruction.

In addition to protecting the data itself, the blockchain is able to protect the information exchange process from cyberattacks. For example, instant messaging tools like Facebook Messenger or WhatsApp, although equipped with security systems, still have weaknesses. WhatsApp, despite end-to-end encryption to protect message content, retains metadata (information about who the user is talking to) that is usually stored on separate systems, and it is likely that hackers will crack it. Blockchain technology can decentralize the network, share metadata, and guarantee their aggregate unavailability.

The protection systems of Internet servers and information and communication systems should not only be in time to improve following more and more advanced ways and methods of executing acts of cyber-terrorism but should be far ahead of them.

Anti-terrorist groups in a number of countries already use supercomputers with advanced software, in particular blockchain technologies, to assess the risks of cyberterrorist acts, accumulate and analyze huge amounts of data from the global Internet cloud, identify and recognize the patterns of dislocation, movements and interpersonal relationships of cyberterrorists, and personal identification suspects, establishing control over their terrorist activities and movements.

In 2016, the British Counter-Terrorism Internet Referral Unit (CTIRU) pulled out over 3,500 titles of harmful and illegal material from the Internet, including propaganda films, terrorism training materials, and videos and publications promoting or supporting terrorism and extremism. Based on blockchain technology and big data analysis, Palantir from Silicon Valley creates and improves counter-terrorism information tracking software for intelligence, law enforcement, and private detective agencies, bringing the company’s founders $ 1.5 billion in revenue annually. Digital forensics also helps investigators look for evidence in the digital fingerprints of suspected terrorists by identifying their online activity, listening to conversations, and looking for purchases to find evidence of criminal acts. Special software purchased from Magnet Forensics, a Canadian company, allowed the FBI to detect evidence on 30 electronic devices belonging to the terrorists responsible for the attack during the Boston Marathon (2013).

The use of blockchain technology and products based on it in the fight against cyber terrorism is carried out, as a rule, in a complex with other super technologies. So, the blockchain in combination with artificial intelligence is used to filter and identify important information, to search in huge data arrays.

The use of blockchain technology and products based on it in the fight against cyber terrorism is carried out, as a rule, in a complex with other super technologies. So, the blockchain in combination with artificial intelligence is used to filter and identify important information, to search in huge data arrays.

Based on the blockchain, the software is being developed that can identify and remove terrorist content before it becomes mass-distributed. In 2018, the UK Department of Home Affairs reported on the creation by London-based technology company ASI Data Science of a comprehensive artificial intelligence tool to detect 95% of terrorist content in online video, with a probability of detection of 99.9% (7* Counter-terrorism strategy embraces tech, but warns of future extremist digital capabilities).

7* The article is available here

Elements of blockchain technology are present in face recognition and recognition software, in explosive detection systems in vehicles, Packbots robots that can penetrate an extremely dangerous environment for humans, and even in high-tech elevators that instantly deliver people from the upper floors of skyscrapers to the lobby.

The scope of the blockchain technology in cybersecurity is unlimited due to its unique properties such as reliability, accessibility, high adaptability, economic efficiency, and profitability. The use of the blockchain to combat cybercrime can be extended to financial services, legislation, the transport industry, or any other industry that requires third-party verification.

Of course, the basis of all these developments and the mechanism for their application in law enforcement should be appropriate legislation that responds to new risks and threats in a timely manner, as well as legalizing the use of digital technologies. It seems necessary to introduce into the legal field the activities of digital currency exchange providers, as well as the sale and purchase of not only tokens but also cryptocurrencies, which will solve a number of paramount tasks, such as countering the financing of terrorist activities and money laundering. It should be noted that the practical implementation of the requirements for the identification of traders is difficult due to the lack of direct contact with the user and the lack of proven identification mechanisms in relation to cryptocurrencies.

In addition, legislation should regularly improve the criminal law assessment (qualification) of cybercrime and cyber offenses, introduce new types of them, and strengthen the system of punishments for cyber terrorism. Set administrative fines for such offenses in a virtual environment, such as repeatedly watching streaming terrorist video content or sending files of a terrorist and extremist nature.

Thus, the development of high-tech digital mechanisms to counter cyber terrorism and the unification of efforts by states around the world is a priority at the present stage. The international community should develop common rules for the game in the field of digital technologies for all countries, a universal and common international standard for all that will take into account the interests of each country as much as possible. The cross-border cyber threat data sharing system should be improved. At the same time, security measures should not be taken to the detriment of technological progress and innovation. Freedom of communication and communication, as well as the unhindered exchange of experience and ideas in the digital age, should be guaranteed by law.

Material developed by IMBA-Exchange

Write a Comment

Your email address will not be published. Required fields are marked *

  • bitcoinBitcoin (BTC) $ 55,039.00 2.35%
  • ethereumEthereum (ETH) $ 4,356.51 2.33%
  • binance-coinBinance Coin (BNB) $ 602.79 2.31%
  • tetherTether (USDT) $ 1.00 0.26%
  • solanaSolana (SOL) $ 219.21 4.3%
  • cardanoCardano (ADA) $ 1.60 7.05%
  • xrpXRP (XRP) $ 0.945470 2.63%
  • usd-coinUSD Coin (USDC) $ 0.999247 0.06%
  • polkadotPolkadot (DOT) $ 34.35 4.06%
  • dogecoinDogecoin (DOGE) $ 0.203339 2.51%
  • terra-lunaTerra (LUNA) $ 69.19 10.04%
  • avalanche-2Avalanche (AVAX) $ 106.02 4.72%
  • shiba-inuShiba Inu (SHIB) $ 0.000042 1.14%
  • crypto-com-chainCrypto.com Coin (CRO) $ 0.639303 6.98%
  • matic-networkPolygon (MATIC) $ 2.28 11.69%
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 54,993.00 2.33%
  • binance-usdBinance USD (BUSD) $ 1.00 0.05%
  • litecoinLitecoin (LTC) $ 194.82 5.05%
  • algorandAlgorand (ALGO) $ 1.81 4.97%
  • chainlinkChainlink (LINK) $ 24.12 2.35%
  • bitcoin-cashBitcoin Cash (BCH) $ 549.80 2.44%
  • uniswapUniswap (UNI) $ 20.79 6.58%
  • cosmosCosmos (ATOM) $ 31.74 20.5%
  • daiDai (DAI) $ 1.00 0.21%
  • axie-infinityAxie Infinity (AXS) $ 133.69 0.59%
  • stellarStellar (XLM) $ 0.341545 1.71%
  • terrausdTerraUSD (UST) $ 1.00 0.04%
  • vechainVeChain (VET) $ 0.112723 3.03%
  • internet-computerInternet Computer (ICP) $ 39.48 1.37%
  • tronTRON (TRX) $ 0.098744 1.71%
  • compound-ethercETH (CETH) $ 87.23 2.33%
  • okbOKB (OKB) $ 26.06 5.39%
  • elrond-erd-2Elrond (EGLD) $ 339.44 5.79%
  • ftx-tokenFTX Token (FTT) $ 47.79 2.77%
  • filecoinFilecoin (FIL) $ 50.57 5.92%
  • theta-tokenTheta Network (THETA) $ 6.62 4.3%
  • staked-etherLido Staked Ether (STETH) $ 4,318.98 2.3%
  • ethereum-classicEthereum Classic (ETC) $ 45.95 2.84%
  • hedera-hashgraphHedera (HBAR) $ 0.327682 4.82%
  • the-sandboxThe Sandbox (SAND) $ 6.17 3.96%
  • decentralandDecentraland (MANA) $ 4.03 7.49%
  • fantomFantom (FTM) $ 2.04 1.89%
  • nearNear (NEAR) $ 8.88 8.73%
  • cdaicDAI (CDAI) $ 0.021703 0.49%
  • tezosTezos (XTZ) $ 5.07 0.84%
  • the-graphThe Graph (GRT) $ 0.880006 1.11%
  • moneroMonero (XMR) $ 228.77 4.06%
  • iotaIOTA (MIOTA) $ 1.43 7.19%
  • radixRadix (XRD) $ 0.405397 1.57%
  • galaGala (GALA) $ 0.516720 11.7%