We increasingly witness cyber-attacks. Cyber-criminals aren’t lone-wolf attackers now. They increasingly operate as organized groups, and they continuously upgrade their capabilities. Therefore, we see governments, businesses, and non-governmental organizations (NGOs) trying to improve their cybersecurity posture. They have incorporated several technology solutions already for this. Organizations are also exploring new technologies for this, and blockchain is one of them. How can blockchain help to improve cybersecurity? What are its use cases in this space? Read on, as we explain these.
Why consider blockchain to strengthen cybersecurity?
Why should you even think of blockchain when trying to improve cybersecurity? The answer lies in the following characteristics of blockchain:
• Decentralization: Blockchain is a decentralized P2P (peer-to-peer) network. Computers on this network are called “nodes”. All nodes in a public blockchain network like Bitcoin have equal authority, and there’s no central administrator. One can’t misuse administrator privileges and manipulate the network.
• Digital signature: Users of blockchain networks authenticate themselves with the help of digital signatures. Cyber-criminals can’t hack these signatures as long as users secure the secret key.
• Distributed ledger: Every node in a blockchain network like Bitcoin has the entire data. Hackers can’t shut this network down by compromising one node and every node has the “distributed ledger”.
• Encryption: Blockchain networks encrypt data. Cyber-criminals can’t hack strong encryption algorithms like AES-256 with the computing technology available today.
• Immutability: Blockchain networks use consensus algorithms along with cryptographic hash functions. This prevents hackers from modifying or deleting records on a public blockchain network like Bitcoin or Ethereum.
These characteristics make blockchain potentially valuable for cybersecurity.
Additionally, blockchain platforms like Ethereum offer smart contracts. These are pieces of code that are open-source. Smart contracts are stored on a blockchain. They work autonomously, and they are immutable. Smart contracts can efficiently administer contractual rules.
Blockchain use cases in the cybersecurity space
Thanks to its unique characteristics promoting information security, blockchain has several use cases in cybersecurity. A few examples are as follows:
1. Decentralized storage to prevent hackers from making off with sensitive data
Assume you use a cloud storage service to store the sensitive data belonging to your organization. The cloud storage provider stores it in a server. It provides you the necessary access via login ID and password, the provider manages the server. This represents a classic “Single Point of Failure” (SPoF) in the context of a cyber-attack.
Hackers looking for your sensitive data only needs to compromise the network of one cloud storage provider. Depending on the cybersecurity solutions that the cloud provider implements, the hacker might find it moderately difficult to attack this server. However, it’s just one central server though! With high-quality tools and persistence, hackers might succeed.
A blockchain-based decentralized cloud storage provider changes that. Such a provider stores your data on multiple nodes of a secure blockchain network. Take the example of Storj, a decentralized cloud storage provider. It breaks your file into multiple parts. Storj stores these parts on multiple nodes, and it maintains redundancy. Hackers need to compromise multiple nodes, which is prohibitively expensive.
Blockchain-based decentralized cloud storage providers like Storj don’t have a SPoF. Furthermore, its proven solution can recreate your file from different nodes when you need to access it.
2. Securing IoT networks
IoT (Internet of Things) plays a key role in smart appliances, smart grids, smart cities, etc. Sensors in IoT-enabled devices collect data and transmit them to the IoT application servers, and IoT applications manage their desired operations.
The data transmission happens over the Internet, and hackers can snoop on IoT networks. They can intercept the data, manipulate it, and cause serious damages. Imagine the consequences of hackers taking over smart power grids!
Blockchain uses end-to-end encryption. This can prevent hackers from snooping on IoT traffic. The combination of consensus algorithms and cryptographic hash functions in blockchain offers immutability, which can prevent hackers from manipulating IoT systems.
However, note the following:
• Blockchain networks like Bitcoin and Ethereum don’t scale well since every node stores the entire distributed ledger. IoT networks have a large number of devices. This makes scalability an important requirement.
• Computing-intensive consensus algorithms like POW (Proof of Work) in the Bitcoin or Ethereum blockchain cause low transaction throughput. This isn’t suitable for dealing with many IoT transactions.
These factors limit the use of this kind of public blockchain network in the IoT space. IOTA Foundation has come up with the answer to these challenges, and the answer is IOTA. It’s a blockchain network suitable for IoT platforms. IOTA uses DAG (Direct Acyclic Graph), which doesn’t use a consensus algorithm like POW. IOTA offers scalability and performance.
3. Managing the impact of DDoS (Distributed Denial of Service) attacks
Hackers often DoS (Denial of Service) attacks. Their objective is to stop the functioning of a server. DDoS (Distributed Denial of Service) attacks take it to another level, where hackers try to overwhelm a server or network by sending a very high amount of Internet traffic.
Hackers launching DDoS attacks create a lot of fake traffic. E.g., they might use commonly available bots for that. The server can’t function normally under such circumstances since it faces a flood of Internet traffic. As a result, users can’t access the service offered by the application.
What if users of the server could access a pool of servers as alternatives? They won’t face adverse impacts even if cyber-criminals launch DDoS attacks on one server. Blockchain can provide exactly that with its decentralized network.
Gladius, an American start-up had built a blockchain-based solution to reduce the impacts of DDoS attacks. Users could connect to a “protection pool” of servers in the case of a DDoS attack. This will allow them to access the service even in the case of a DDoS attack.
At the time of writing, Gladius isn’t operating. The company closed its operations due to a settlement with the US Securities and Exchange Commission (SEC) in 2019. However, we now have the blueprint of a blockchain-based solution to reduce the impact of DDoS attacks.
4. Securing DNS (Domain Name System) for a safer Internet
DNS (Domain Name System) is an important component of the Internet. It’s a public directory. It contains the link to domain names and resources on the Internet like IP addresses.
Cyber-criminals often try to compromise this system. They exploit the connection between a website and its IP address, and they cause the site to crash. Many businesses and other organizations face losses due to such attacks. Securing DNS is key to a safe Internet.
Blockchain offers a decentralized network. Different nodes on this network store a distributed ledger. Robust encryption and consensus algorithms help to make data on a blockchain immutable, which can help to secure DNS.
A blockchain-based solution will involve storing DNS entries on an immutable distributed ledger. Smart contracts running on a blockchain network can power the connection between the domain and the IP address. This combination prevents hackers from manipulating DNS entries and crashing websites.
Cybersecurity is a high-priority area for governments, businesses, and NGOs. Preventing cyber-attacks requires robust technology solutions, and blockchain can help. We discussed how blockchain can strengthen cybersecurity. Finally, we reviewed a few blockchain use cases in the cybersecurity space.