Good morning, Cyber Saturday readers.
In snowy Davos this week, the halls buzzed with a pair of words that have become nigh impossible to escape at such topflight functions: blockchain and cryptocurrency. Seemingly everyone weighed in on the subjects.
Cryptocurrency, the more controversial of the two, had its fair share of detractors. U.S. Treasury Secretary Steven Mnuchin said he was focused on people using Bitcoin and other cryptocurrencies for “illicit activity.” UK Prime Minister Theresa May urged governments to take the criminal risks “very seriously.” And International Monetary Fund head Christine Lagarde exhorted that “the way in which [cryptocurrency] conceals and protects money laundering and financing of terrorism, is just unacceptable”—while adding, hopefully, “there will be innovations coming out of these movements.”
Blockchains, on the other hand, drew heaps of praise. Bank of Canada Governor Stephen Poloz lauded the technology as “a true piece of genius.” Lagarde called it “fascinating.” And billionaire investor George Soros extolled the virtues, saying blockchains “can be put to positive use,” including by “helping migrants to communicate with their families and to keep their money safe and carry it with them.”
I didn’t attend this year’s World Economic Forum, but just a few hundred kilometers north of the Alpine retreat I hosted a panel on digital identity and fraud at Münich’s Digital Life Design conference. One participant, Timothy Ruff, cofounder and CEO of Evernym, a startup that’s developing a blockchain for identity, spoke eloquently about the technology’s potential for humanitarian aid. His remarks held special significance in the Bavarian city, where an influx of migrants from war-torn Syria—many lacking official government documents—have found refuge.
But Ruff’s rosy vision had its skeptics. Esther Dyson, the investor (whose father is famed physicist Freeman), noted from the audience that even though “self sovereign” identity—the idea that people should ultimately be in control of their own data—sounds nice, it’s a misleadingly simplistic notion. Technology alone cannot easily overcome socioeconomic and political challenges, Dyson suggested. People have less control over their identities than they might believe; consider those living under oppressive regimes, or in places where organized or other crime runs rampant. Are you “self sovereign” when there’s a gun to your head? Not quite.
Blockchains—and cryptocurrencies—are innovations that offer humanity extraordinary, transformative potential. But let us not delude ourselves into believing one or the other will categorically cure—or aggravate—all the world’s ills. As in all things, we must respect the nuances.
Have a great weekend.
Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. Fortune reporter Robert Hackett here. You may reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my about.me), PGP encrypted email (see public key on my Keybase.io), Wickr, Signal, or however you (securely) prefer. Feedback welcome.
You’re up for review. Top tech companies like SAP, Symantec, and McAfee have allowed Russian authorities to inspect their software source code for flaws, Reuters reports. The practice raises concerns since it may help Moscow’s hackers find vulnerabilities across federal agencies, where these companies’ products are pervasively installed. HPE was discovered to have permitted similar reviews in the past.
Help wanted. Google parent Alphabet on Wednesday debuted Chronicle, the latest graduate from its moonshot factory X. The cybersecurity concern aims to help companies defend themselves from digital attacks by helping security teams manage floods of threat-related data in concert with another Google product, VirusTotal, which catalogues malware. The unit is headed by Stephen Gillett, who formerly worked at Symantec and Starbucks. (Fun fact: Gillett also appeared on Fortune’s 40 Under 40 list eight years ago.)
We can rebuild him. While speaking at the World Economic Forum this week, Maersk’s chairman Jim Hagermann Snabe revealed the extent of a recent cyberattack’s damage to the shipping giant’s IT systems. The NotPetya ransomware worm forced the company’s tech team to reinstall “a complete infrastructure” over 10 days, he said. The crew set up “4,000 new servers, 45,000 new PCs, and 2,500 applications” to the tune of $250 to $300 million.
When can you start? The Democratic National Committee has appointed Bob Lord, formerly of Yahoo, as its first ever chief security officer. He’ll be in charge of bolstering the digital fortifications of the organization as well as that of state parties ahead of the 2018 mid-term elections. During his brief tenure at Yahoo, Lord cleaned up the aftermath of two devastatingly large data breaches that compromised more than a billion accounts. Seems like the right man for the job.
Smile, election hackers, you’re on candid camera!
Share today’s Data Sheet with a friend:
Looking for previous Data Sheets? Click here.
“I personally believe that there is going to be a one or a few legitimate trusted digital currencies off of the blockchain technology. And that legitimacy and trust in terms of its consumer application will have to be legitimatized by a brand and a brick and mortar environment, where the consumer has trust and confidence in the company that is providing the transaction.”
—Coffee impresario Howard Shultz offered a tantalizing, if rambling, digression about cryptocurrencies during an earnings call for Starbucks, the java company he founded and now chairs. He said he doesn’t have faith in Bitcoin’s longevity.
Hackers Are Using PDF Versions of ‘Fire and Fury’ to Spread Malware, by David Z. Morris
Apple Says It Will Protect Your Privacy With These HomePod Features, by Don Reisinger
Hackers Have Stolen $400 Million From ICOs, by Lucinda Shen
Criminals Drop Bitcoin for Other Cryptocurrencies, by Jeff John Roberts
ONE MORE THING
Hacking nuclear power plants. The world must prepare itself for cyberattacks on nuclear systems. There have already been a number of incidents—from a rogue programmer injecting a virus into a Lithuanian nuclear plant’s computers in 1992, to Stuxnet frying centrifuges in Iran in 2009, to suspected North Korean hackers stealing reactor plans from South Korea in 2014. The UN’s International Atomic Energy Agency has been rehearsing cyber-provoked nuclear disasters in recent months. Better safe than sorry.