SecurityWeek: Cyber Insights 2023 | The Coming of Web3
On February 6, NetSPI Director of Research Nick Landers was featured in the SecurityWeek article called Cyber Insights 2023 | The Coming of Web3. Read the preview below or view it online.
+++
SecurityWeek Cyber Insights 2023 | The Coming of Web3 – Web3 is a term that has been hijacked for marketing purposes. Since web3 obviously represents the future internet, claiming to be web3 now is a claim to be the future today. Such claims should be viewed with caution – we don’t yet know what web3 will be.
Two of the biggest culprits are the cryptocurrency and NFT investment industries, which both use blockchains. They have claimed to be web3 so vociferously that some pundits believe that web3 is blockchain. This is way too simplistic – these are just applications running on one technology that may become one of the web3 building blocks.
Before we discuss the evolution of, and issues with, web3 in 2023 and beyond, we’ll first define one specific view of its basics.
Financial institutions
Since the blockchain was originally developed for use in the finance sector, it should be no surprise that the finance industry is one of the more interested sectors. “There is a major trend of blockchain adoption in large financial institutions,” says Nick Landers, director of research at NetSPI, specifically citing Broadridge, Citi and BNY Mellon.
“The primary focus,” he continued, “is custodial offerings of digital assets, and private chains to maintain and execute trading contracts. Despite what popular culture would indicate, the business use cases for blockchain technology will likely deviate starkly from popularized tokens and NFTs.” Instead, he believes, industries will prioritize private chains to accelerate business logic, digital asset ownership on behalf of customers, and institutional investment in proof-of-stake chains.
By the end of next year, he expects that every major financial institution will have announced adoption of blockchain technology, if it hasn’t already. “While Ethereum, EVM, and Solidity-based smart contracts have received a huge portion of the security research, nuanced technologies like Hyperledger Fabric have received much less. In addition, the supported features in these business-focused private chain technologies differ significantly from their public counterparts.”
It is worth noting that private blockchains are not decentralized blockchains – which begs the question, are they really web3?
Either way, this ultimately means more attack surface, more potential configuration mistakes, and more required training for development teams. “If you thought that blockchain is ‘secure by default’,” added Landers, “think again. Just like cloud platform adoption, we’ll see the promises of ‘secure by default’ fall away as unique attack paths and vulnerabilities are discovered in the nuances of this technology.”
Read the full article at SecurityWeek!
Explore more News
NetSPI Appoints New VP Alvaro Warden to Drive Channel-First Growth Strategy
Read why NetSPI is leaning into a channel-first strategy to drive its next stage of growth and get to know its new partner program leader, Alvaro Warden.
Forbes: What Would Anubis Think Of Modern Day CEOs?
Forbes featured insights from NetSPI’s CEO, Aaron Shilts, on the CEO role. Read the article.
PC Gamer: This 3D printed laser chip-hacking device uses a $20 laser pointer, costs $500 to build, and was developed so that ‘people can do this in their homes’
Read the story of NetSPI's Sam Beaumont and Larry "Patch" Trowell created a laser hacking device (RayV Lite) that makes microchip exploitation easier.