The blockchain is a developing technology, one that can make the web much more secure, so how can it be practically implemented into your cybersecurity?
1. How Blockchain Can Improve Your
Cyber Security
The blockchain is a developing technology, one that can make the web much more secure, so
how can it be practically implemented into your cybersecurity?
What Is A Blockchain?
Blockchains are distributed (or peer-to-peer) networks. Every user can add information to the
blockchain, and every user of the network is responsible for verifying that the data being added
is real. To form a blockchain, users utilise powerful computers to perform complex mathematical
problems, once the problem is solved it forms a block, which then gets added onto the chain of
already performed calculations, which gradually become more difficult. This data remains on the
network forever, it cannot be altered or removed.
Public And Private Blockchains
Public blockchains allow any and every user to join the blockchain, there is no organisation or
individual that controls the blockchain. Public blockchains use the internet to allow connections
to take place, from which everyone can view, create and verify data, a primary example of this is
Bitcoin. Because of the typically high number of nodes on a public blockchain, they are resilient
to cyberattacks as attackers require control over half of the network in order for them to be able
to manipulate the ledger. However, public blockchains are very inefficient and slow, due to the
large number of users attempting to reach a consensus, this also leads to a large amount of
energy consumption.
Private blockchains have a single entity that restricts what users are permitted to access the
network and what users can do on the network, such as whether they can view, create and/or
verify data, this allows businesses and organisations to utilise blockchain technology in a private
environment. Because there is only one entity that controls the network, attackers are unable to
manipulate the ledger by taking a majority, however, this makes phishing attacks very effective.
2. On the other hand, private blockchains are much faster and more efficient than public
blockchains and use far less energy.
Decentralised Storage
With decentralised storage there comes some risk. For example, decentralised storage will
increase the number of attack vectors for attackers. However, a decentralised storage system is
highly resilient, so even if the system is exposed, it will be very difficult for the attacker to
change or remove any data stored on the blockchain. This is because each node (a user that
offers storage space) independently verifies every piece of data throughout the system. This
means that as long as one unaffected node remains within a network (that may number in
millions) all data can be restored.
Prevent DDoS Using Decentralized Nodes
Distributed Denial of Service (DDoS) attacks have the goal of overloading a network with so
much data that it cannot process the data fast enough, causing a slowdown or crash for the
system. By using a decentralised blockchain system, the network has much more resources
available to it, meaning that attackers require a lot more resources to have any effect. When one
node is attacked and overwhelmed, another totally separate node will take its place to process
the data. This will continue until all nodes on the network are overwhelmed, but on a
decentralised network, the number of nodes can number in the millions.
Attacking Blockchains
Phishing attacks are scamming attempts where the attacker pretends to be someone of
authority, such as an employee's boss or a computer technician, or maybe by using a fake
replica website in order to steal data such as account details.
Routing attacks are where data that is in transit to and from the user is intercepted, and can be
analysed or modified by the attackers to their advantage, routing attacks are also difficult to
detect as there are little to no signs to the victim that there is an attacker.
Sybil attacks use many false network identities to flood a network and crash the system, similar
to a DDoS attack (the name Sybil is a reference to a book character diagnosed with a multiple
identity disorder).
51% attacks happen when attackers manage to pool enough resources together that they are
able to provide more than 50% of the network’s mining power. Having more than 50% of the
power gives the attacker control over the ledger and they are able to manipulate it.
Because of the blockchain’s tendency to be more secure than your average network, attackers
will instead attack the external connections to the blockchains, such as cryptocurrency
exchanges and cryptocurrency wallets, so far, many millions have already been stolen.
Attackers manage this through 3 primary methods, one method is by stealing private keys, keys
are personal digital signatures that are used to access cryptocurrency wallets. A second method
is to hack an employee account for one of the exchanges, which may give the attackers access
to user data and thereafter, user accounts and wallets. The third attack method is through code
3. exploitation, where attackers find a security hole in the code of an exchange and utilise this to
their benefit.
Due to these external attacks, users will lose lots of personal funds, which leads to users
quitting the blockchain network as they no longer have much of a financial incentive if all of their
funds are going to be stolen afterwards anyways. As an attempt to retain users, companies may
cover the lost user funds, but this is an expensive solution, and if the security is not improved
then these attacks become frequent, and the company may run out of funds to repay user
losses.