Mitigating Cyber Attacks with Smart Contracts on Distributed Ledgers
Any business system that utilizes smart contracts on a distributed ledger, be it for billing, provenance, real-time financial insights or even environmental, social, and governance (ESG) monitoring, has the capability to mitigate risk and help protect critical infrastructures exposed to cyber threats, making distributed ledger technology an integral component to facilitate business continuity and speed recovery after any disaster. Unfortunately, cyber-attacks are becoming more frequent, as a result, specific technologies and recovery plans will become more of a critical focus in the conversation to protect global businesses. Smart contracts on distributed ledgers stand to play a strong role in the preservation of critical infrastructures, attacks on which may present challenges to national security.
Incidents such as the attack on Colonial Pipeline in 2021, left the company without a good choice when its corporate IT network was hit with a ransomware attack. We learned that the company then opted to shut down its operational technology (OT) network. This is the system that runs the 5,500-mile physical pipeline with critical fuel, one of the largest pipelines in the country, responsible for transporting more than 100 million gallons a day.
In a situation such as this, a shutdown may be imperative because a company’s billing system has been compromised and there is no way to track product distribution or properly bill for it. Additionally, companies want to ensure safety by making sure a cyber-physical attack doesn’t access critical operating systems or go beyond, into a company’s process control network and those of its suppliers.
Ultimately, in many cases, ransoms are paid to get the keys necessary to decrypt data and resume operations.
If a company uses smart contracts on distributed ledgers to automate its commercial transactions, such as billing, each transaction is stored in on a ledger shared among trading partners. If any single part of the network goes down, it can be reconstituted from other parts of the network to create a self-healing infrastructure and be back up-and-running, often in under 24 hours, avoiding the need for a prolonged shutdown.
With distributed ledgers, a cyber-attacker must compromise every copy of the ledger in multiple company’s environments in order to hold any particular piece of data ransom, greatly increasing the effort required by a hacker and mitigating the risk of one or two participants being compromised. Companies, as well as private and governmental institutions are now taking a hard look at their current systems in order to undertake stronger risk mitigation strategies to combat the ploys of sophisticated cybercriminals.
Automated transactions using smart contracts on distributed ledgers create not only efficiency, accuracy, and significant savings, but also guard against any single point of failure enabling quick recovery in the event of a cyber-attack, which is paramount to minimize the impact on business operations.