In late November, reports broke that Palo Alto Networks (NASDAQ: PANW), one of the world’s leading cybersecurity firms, had been hacked. The Silicon Valley security firm serves over 70,000 customers worldwide and specializes in advanced firewalls and cloud-based security solutions.
Within days of the reports, it released a statement confirming that its Next Generation Firewalls (NGFWs) had been targeted in cyberattacks exploiting two zero-day vulnerabilities. After exploiting these vulnerabilities to bypass authentication and execute commands with root privileges, the attackers deployed malware and digital currency mining software, impacting over 2,000 devices.
The investigation into what happened and how is ongoing, although independent security advisors already say it is a much larger breach than Palo Alto Networks is admitting.
Cybersecurity breaches take too long to discover and trace
On average, it takes 212 days to discover a cyberattack and even longer to figure out how it occurred and calculate the damage.
Why so long? Hackers specialize in deleting logs that record activity on computer networks, allowing them to cover their tracks after a breach. This is possible because all system entries/exits and network activity logs are stored on centralized systems. Often, vital records are stored on the same systems that have been breached. It’s akin to storing the CCTV footage of a robbery in the same location that is broken into, allowing intruders to wipe it before they leave.
While breaches of large, specialized firms like Palo Alto Networks are headline-grabbing and embarrassing, cyberattacks happen every 39 seconds, and 43% affect small businesses. The average cost of a breach has increased to $4.88 million in 2024, making them potentially catastrophic for smaller firms.
In addition to the monetary costs, there’s often incalculable brand damage. This is especially true for firms like Palo Alto, which supposedly specialize in cybersecurity. When disputes break out over the size of the incidents and their seriousness, it only worsens things by making it seem as if there’s an attempt to conceal the facts.
With such high stakes in play, affordable tools that can hasten the detection of breaches and provide verifiably transparent records of what happened are extremely valuable. Could blockchain-based tools be the solution many have been waiting for?
Sentinel Node by Certihash and IBM
Blockchains are immutable public ledgers with time-stamped records that a single entity cannot alter. One startup, Certihash, uses the BSV blockchain to power its Sentinel Node cybersecurity tool.
Sentinel Node is simple in principle—it takes ‘snapshots’ of protected computer networks and files and links them to cryptographic hashes on the blockchain. If unauthorized access to these files is detected or changes are made, they will no longer match against the hash, and an alert will be sent to the system administrators within seconds. Furthermore, any actions taken by administrators are also recorded on the immutable blockchain, meaning the full facts of what happened, when, and who was involved are transparent and unalterable.
Sentinel Node reduces the average detection time of breaches from 212 days to mere seconds, allowing rapid responses and much more effective containment. Better yet, the blockchain-based records that show what occurred eliminate any disputes, meaning companies can present the full facts transparently, and independent auditors can verify them.
With the frequency of attacks and associated costs increasing, blockchain-based cybersecurity tools like Sentinel Node could be the solution or part of it. IBM (NASDAQ: IBM) certainly thinks so, which is why it was involved in building these tools on BSV.
While no tool will solve every problem related to cyberattacks and system breaches, being able to detect them immediately and prove what happened is a massive step in the right direction. Finally, the utility of blockchain technology is being realized, and tools that will change the world positively are coming thick and fast.
Watch: Cybersecurity fundamentals in today’s digital age with AI & Web3
title=”YouTube video player” frameborder=”0″ allow=”accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share” referrerpolicy=”strict-origin-when-cross-origin” allowfullscreen=””>