The IBM security team has announced the launch of X-Force Red, a new blockchain security testing service to help enterprises identify weaknesses in blockchain-enabled solutions. This item is calledX-Force RedThe new service of Blockchain Testing evaluates the back-end processes used to manage the blockchain network and the actual ledger environment throughout the implementation to identify exploitable vulnerabilities.
ReportReport, predicts that global spending on blockchain solutions will reach $9.7 billion by 2021, suggesting that blockchain implementations are likely to grow exponentially in the coming years. According to IBM, establishing strengthened industry standards will be a critical next stage in achieving widespread enterprise adoption of blockchain.
Charles Henderson, Global Head of IBM X-Force Red, said: While blockchain is a breakthrough in protecting data integrity, that does not mean that solutions utilizing it are immune to attack, which is why during development and Security testing must be done after deployment.”
During a typical blockchain testing event, an X-Force Red team of hackers will use the same tools, techniques, practices, and mindset as attackers to hack into a blockchain network and assess:
Identity and Access: X-Force Red will assess how access/authority to add information to the blockchain will be managed, including password policies, susceptibility to brute-force attacks, and implementation of two-factor authentication;
Public Key Infrastructure (PKI): ensures the secure creation, management and distribution of digital certificates and keys associated with blockchain networks;
Smart contract flaws: Conduct penetration testing to ensure that smart contracts have no exploitable vulnerabilities;
Software Supply Chain Attacks: Common library and component dependency attacks can be tested during design and implementation to ensure secure dependency signing and trust build pipelines.
ReportReport, the report includes a list of top actions for users to ensure they are not attacked by ransomware, cryptocurrency miners or state-backed hackers. Among them, cryptojacking malware has become the most urgent attack that users need to deal with, and ransomware takes a back seat.
Security experts warn that the implementation of blockchain will pose various risks for companies. However, because the technology is still in the development or testing stage, there have been no reports of attacks on corporate networks, but attacks on cryptocurrencies themselves and exchanges have continued.
have
havemedia summaryto report
according toto reportandVerge、MonacoinandBitcoin GoldSome cryptocurrencies with smaller market capitalization, etc., the total attack amounted to 20 million US dollars.
predictpredictI am Odaily reporter Suixin (WeChat ID wsuixin12), please note your name, unit, title and reason when adding friends.
I am Odaily reporter Suixin (WeChat ID wsuixin12), please note your name, unit, title and reason when adding friends.
