The promise of data immutability and decentralization
Media buzz continues about blockchain and the many ways it will transform key processes of everyday life. Aside from serving as the payment rail for cryptocurrency transactions, we are promised that this distributed ledger can be applied across sectors – from helping the entertainment industry defend against piracy to upending the $15 billion revenue per year title insurance industry. There is little question that blockchain will become ubiquitous, with its valuable core features of data immutability and decentralization.
Whether at conferences or at client sites, we routinely receive questions about blockchain and how the technology can be applied in the cybersecurity space. One way to look at this is from the decentralization perspective, eliminating both centralized control and centralized risk. Blockchain tackles a basic cybersecurity vulnerability by removing the centralized weak point – the human – from the equation. In this way, blockchain and its distributed ledger provide point-to-point data confidentiality and encryption while still ensuring convenience for users. Aside from encryption and authentication, there are many interesting use cases for blockchain in the cybersecurity realm. This article focuses on two of these: a safer domain name system; and ‘Internet of things’ security.
A safer domain name system
In February 2020, Amazon said its AWS Shield service mitigated the largest DDoS attack ever recorded, stopping a 2.3 Tbps attack in mid-February this year. The incident was disclosed in the company’s AWS Shield Threat Landscape, a report detailing web attacks mitigated by Amazon’s AWS Shield protection service. 1
How can blockchain promote a more secure Internet while also reducing the likelihood of similar large-scale attacks against DNS in the future? The answer is simple: if immutable domain record information is stored on a ledger that is heavily distributed, threat actors will theoretically find it more challenging to identify and exploit single vulnerability points that could result in centralized attacks.
Greater security for the ‘Internet of things’
One mantra we often hear is that opportunistic threat actors always seek the path of least resistance. Our Cybeta team, with their years of experience serving in the special services, can certainly attest to that. The proliferating devices that make up the Internet of things (IoT) – with their insecure web interfaces and insufficient authentication and authorization mechanisms – can serve as an attractive entry point for actors seeking to establish an initial foothold onto remote networks and systems. Some studies suggest that by 2030, there will be over 100 billion installed IoT devices throughout the world, a vast threat surface for individuals and businesses alike. And as powerful tools such as Shodan – the first search engine for Internet-connected devices – demonstrate, it is no longer hypothetical that unauthorized access can be achieved by exploiting IoT through IP-addressable doorbells, thermostats, and cameras. But how can blockchain reduce this extended threat surface?
Using blockchain, real-time security decisions can be made that obviate the need for a central authority on matters relating to IoT. To protect against attacks, some experts have suggested using blockchain to help devices form group consensus and lock down any node that exhibits suspicious behavior. On the issue of data security, since most IoT devices currently depend on a centralized architecture, where data collected by devices is sent to the cloud for processing and analytics before being sent back to the device. Here, the possibility of a single point of failure impacting an entire network also presents very real risk. This is exacerbated by the reality that many billions more devices are expected to come online in the coming decade, exposing scalability limitations and the infeasibility constantly validating every data transaction made by every device. With the sheer number of devices involved, this reliance on centralized authority would therefore render these systems extremely costly and slow – allowing blockchain to play a prominent role.
There are numerous applications for blockchain in cyberspace – all of them capitalizing on the fundamental security provided by decentralization and data immutability. We’re excited to work with our clients to help prepare for this future.
Liberty Advisor Group and Cybeta provide you with a predictive edge that keeps your business, data, and IP safe from cybersecurity attacks and ahead of the competition. With decades of US intelligence training, we have the experience to protect your business and mitigate cyber threats prior to impact. Contact us at info@libertyadvisorgroup.com to discuss customized cybersecurity solutions for your business.
ABOUT LIBERTY ADVISOR GROUP
Liberty Advisor Group is a goal-oriented, client-focused, and results-driven consulting firm. We are a lean, handpicked team of strategists, technologists, and entrepreneurs – battle-tested experts with a steadfast, start-up attitude. We collaborate, integrate, and ideate in real-time with our clients to deliver situation-specific solutions that work. Liberty Advisor Group has the experience to realize our clients’ highest ambitions. Liberty has been named as Great Place to Work, to the Best Places to Work in Chicago, and to FORTUNE’s list of Best Workplaces in Consulting and Professional Services.
1 https://www.zdnet.com/article/aws-said-it-mitigated-a-2-3-tbps-ddos-attack-the-largest-ever/
