Full Report
Take a good look at Bitcoin right now… these are the unlucky ones. These are the unfortunate souls who jumped on another overinflated balloon. But, does this Bitcoin crash completely […] The post BHIS Podcast: Blockchain and You! InfoSec Edition appeared first on Black Hills Information Security, Inc..
Analysis Summary
# Main Topic
Analysis of the security implications surrounding Blockchain technology, prompted by the recent market volatility and perceived "crash" of Bitcoin investments, focusing on why security practitioners should remain concerned beyond typical crypto concerns.
## Key Points
- The discussion centers on the security aspects of blockchain technology, despite the market performance of specific implementations like Bitcoin (which saw a crash, leading some investors to suffer losses).
- The core concern is that "crazy applications" built on blockchain create "crazy security issues."
- The analysis explicitly intends to cover security concerns beyond the well-known 51% attack vector.
- The session was presented as a live webcast on February 3, 2019, featuring input from Beau Bullock (BHIS Tester and host of the Coinsec Podcast).
- Slides related to the webcast are available for download.
## Threat Actors
- No specific named threat actors or criminal organizations are identified in relation to blockchain vulnerabilities in the provided context.
- The discussion focuses on inherent technical risks rather than targeted campaigns by known groups.
## TTPs
- The explicitly mentioned technical vulnerability type discussed is the **51% attack**.
- The summary indicates that the discussion covers other security issues beyond this, but the specific details of those other TTPs are not extracted in the provided text.
## Affected Systems
- **Bitcoin:** Referenced as the subject experiencing a price crash/market volatility.
- **Blockchain Technologies:** The broader class of systems being analyzed for associated security issues.
- **"Crazy applications" built on blockchain:** Implied targets featuring novel or poorly implemented security structures.
## Mitigations
- Specific technical mitigations or IoCs are not provided in the context, as the text focuses on identifying the security landscape associated with blockchain rather than reporting a specific incident response.
- The only implied mitigation strategy is the necessity for security practitioners to understand these risks (i.e., education and awareness).
## Conclusion
The market failure of "overinflated balloons" like Bitcoin should not distract security professionals from the underlying dangers posed by security issues inherent in blockchain applications. Security practitioners must look beyond common attack vectors (like the 51% attack) to secure novel and potentially insecure implementations of distributed ledger technology.
***
# Morning News Roll-up {Date Not Provided in Context}
## Overview
This summary focuses exclusively on the identified threat intelligence topic extracted from the Black Hills Information Security (BHIS) podcast post regarding blockchain security in the context of Bitcoin volatility.
## Top Stories
### BHIS Podcast: Blockchain and You! InfoSec Edition
- Summary: A deep dive into blockchain security issues, prompted by the negative financial performance of Bitcoin, intended to explore security concerns beyond the 51% attack and assess why security practitioners must care about the technology despite market crashes.
- Source: BHIS Podcast content summary
### Bitcoin Volatility and Investor Impact
- Summary: The context uses the "crash" of Bitcoin as a trigger event, labeling those invested in it as "unlucky ones" who jumped on an "overinflated balloon." This sets the stage for a security discussion, not financial advice.
- Source: BHIS Podcast description
### Blockchain Security Beyond the 51% Attack
- Summary: The podcast segment promises to cover "crazy security issues" arising from various blockchain applications, explicitly stating the focus extends beyond the common threat of a 51% attack.
- Source: BHIS Podcast key topic focus