It’s hard to escape the notion that security in today’s digital world is fundamentally broken. The stronger the defenses that are erected around the digital assets of corporations, the more prevalent are the attacks from hackers. The smarter that employees get about protecting passwords and devices, the more ingenious that the attacks become. That reality has led many Internet security researchers to the conclusion that the blockchain could represent the future of cyber security.
What is the blockchain and why does it matter?
To understand why the blockchain holds so much allure, you first have to understand why it is so fundamentally different from any other preceding system – including the modern Internet. The blockchain is a decentralized, digitized, highly distributed public ledger. This distributed ledger technology might not sound like a breakthrough, but you’d be mistaken. It means that there is no central point of attack for a hacker. Stealing data requires more than just getting access to one database – it means getting access to hundreds, if not thousands, of different copies of that database. Moreover, it means that if even a single “block” of data is changed in any of those databases, the entire system will know.
Now, contrast that decentralized, distributed architecture with a centralized, Internet-based architecture. While most people conceive of the Internet as a globally distributed, decentralized architecture, the reality is that, for the purposes of security, the Internet is actually a very centralized data security architecture with multiple points of failure. There is always a known point of entry to any corporation (such as a central server), and there is always one location where the digital assets or transaction data are located (a central database). In many ways, hacking a corporation is like robbing a bank – the security defenses might seem impregnable to a casual bystander, but there is always a front door inside the bank, and once you’re inside the bank, there’s always the bank vault where all the cash is.
Blockchain technology and cyber security
Thus, you can immediately begin to grasp why blockchain solutions are being embraced by security vendors around the world. Implementing a blockchain-based security system fundamentally changes the game for cyber security, presenting a nearly impossible task for cyber thieves. Using the bank robber analogy, it would be equivalent to robbing thousands of banks, all at the same time, and not triggering a single alarm mechanism of any kind while doing so. Technically, the feat might be possible – although there has not yet even been a major hack of a blockchain security system. The problem, from the perspective of hackers at least, is that it is really a problem of resources. It’s the reason why nobody has ever hacked Bitcoin, the cryptocurrency powered by public blockchain technology.
There are several important ways that blockchain technology is being applied by cyber security companies in the field to create private blockchain solutions:
- Creating peer-to-peer consensus mechanisms to reduce fraud
- Deterring data tampering
- Ensuring that there is no single point of failure
- Creating end-to-end privacy and encryption
And, perhaps just as important, the blockchain is removing the human factor in the cyber security equation. Security researchers have long maintained that it is humans (not machines) that are the real weakness of any centralized security architecture.
The classic example here, of course, is how easy it is for hackers to obtain user passwords. Either the passwords are too easy to guess (many users just rely on very simple passwords that they won’t forget), or they are too easy to steal. A simple “phishing” email sent to a corporate employee may be all that’s needed to get access to an important password, and from there, a hacker has the keys to the digital kingdom.
Companies at the forefront of blockchain and cyber security
The really exciting part about the blockchain and cyber security is that it has already transformed from being just a theoretical or academic construct into a real-world, practical application. For example, Guardtime, a blockchain cyber security company founded by a renowned Estonian cryptographer, has been securing all of Estonia’s 1 million patient health records since 2016. Contrast that situation to the one in the United States, where hackers continue to infiltrate the nation’s digital health records with various data breaches. In short, Guardtime makes it impossible for hackers to launch the types of ransomware attacks that have become commonplace elsewhere.
Moreover, another blockchain cyber security company, Obsidian, is now protecting the privacy and security of chats and instant messages. This ensures that all personal communication is completely private and protected, free from the wandering eyes of hackers and potential government censors. Another blockchain cyber security company, REMME, is working to make passwords obsolete. The company can now authenticate any digital device without the use of a password, thanks to the use of private keys. This is a breakthrough, and means that there is no longer a single point of attack for would-be cyber thieves.
The blockchain, cyber security and the Internet of Things
Securing the world’s computers is one thing, but securing the Internet of Things is another thing entirely. In part, that is due to the sheer scale of the Internet of Things, which will include tens of billions of devices by the year 2020. And, in part, it is due to the fact that many devices on the “extended edge” of networks – such as sensors – simply lack the computing power to become part of the blockchain. Add in the fact that nearly 50 percent of companies experimenting with the Internet of Things have reported some form of data breach or security intrusion in recent years, and you can start to see the scale of the problem.
The good news, though, is that the blockchain would appear to be the perfect type of security architecture for the Internet of Things, due to its highly distributed nature. And, from a cost perspective, it is also quite appealing, since it could mean the end of high infrastructure and maintenance costs, as well as the end of large, expensive server farms and costly networking equipment.
Going forward, there is reason to be optimistic about the future of cyber security. In today’s world, there is always a “weak link” in the chain that hackers can exploit. In a blockchain world, there are no longer any weak links and every action taken on the blockchain is part of a completely verifiable and trackable digital ledger. Once hackers know that a company is protected by blockchain technology, they may turn their attention elsewhere, in search of easier targets.