How Blockchain Can Improve Your Cyber Security
The blockchain is a developing technology, one that can make the web much more secure, so how can it be practically implemented into your cybersecurity?
What Is A Blockchain?
Blockchains are distributed (or peer-to-peer) networks Every user can add information to the blockchain, and every user of the network is responsible for verifying that the data being added is real To form a blockchain, users utilise powerful computers to perform complex mathematical problems, once the problem is solved it forms a block, which then gets added onto the chain of already performed calculations, which gradually become more difficult. This data remains on the network forever, it cannot be altered or removed
Public And Private Blockchains
Public blockchains allow any and every user to join the blockchain, there is no organisation or individual that controls the blockchain. Public blockchains use the internet to allow connections to take place, from which everyone can view, create and verify data, a primary example of this is Bitcoin. Because of the typically high number of nodes on a public blockchain, they are resilient to cyberattacks as attackers require control over half of the network in order for them to be able to manipulate the ledger However, public blockchains are very inefficient and slow, due to the large number of users attempting to reach a consensus, this also leads to a large amount of energy consumption
Private blockchains have a single entity that restricts what users are permitted to access the network and what users can do on the network, such as whether they can view, create and/or verify data, this allows businesses and organisations to utilise blockchain technology in a private environment. Because there is only one entity that controls the network, attackers are unable to manipulate the ledger by taking a majority, however, this makes phishing attacks very effective
On the other hand, private blockchains are much faster and more efficient than public blockchains and use far less energy.
Decentralised Storage
With decentralised storage there comes some risk For example, decentralised storage will increase the number of attack vectors for attackers. However, a decentralised storage system is highly resilient, so even if the system is exposed, it will be very difficult for the attacker to change or remove any data stored on the blockchain This is because each node (a user that offers storage space) independently verifies every piece of data throughout the system. This means that as long as one unaffected node remains within a network (that may number in millions) all data can be restored
Prevent DDoS Using Decentralized Nodes
Distributed Denial of Service (DDoS) attacks have the goal of overloading a network with so much data that it cannot process the data fast enough, causing a slowdown or crash for the system. By using a decentralised blockchain system, the network has much more resources available to it, meaning that attackers require a lot more resources to have any effect. When one node is attacked and overwhelmed, another totally separate node will take its place to process the data. This will continue until all nodes on the network are overwhelmed, but on a decentralised network, the number of nodes can number in the millions
Attacking Blockchains
Phishing attacks are scamming attempts where the attacker pretends to be someone of authority, such as an employee's boss or a computer technician, or maybe by using a fake replica website in order to steal data such as account details
Routing attacks are where data that is in transit to and from the user is intercepted, and can be analysed or modified by the attackers to their advantage, routing attacks are also difficult to detect as there are little to no signs to the victim that there is an attacker.
Sybil attacks use many false network identities to flood a network and crash the system, similar to a DDoS attack (the name Sybil is a reference to a book character diagnosed with a multiple identity disorder)
51% attacks happen when attackers manage to pool enough resources together that they are able to provide more than 50% of the network’s mining power Having more than 50% of the power gives the attacker control over the ledger and they are able to manipulate it
Because of the blockchain’s tendency to be more secure than your average network, attackers will instead attack the external connections to the blockchains, such as cryptocurrency exchanges and cryptocurrency wallets, so far, many millions have already been stolen
Attackers manage this through 3 primary methods, one method is by stealing private keys, keys are personal digital signatures that are used to access cryptocurrency wallets A second method is to hack an employee account for one of the exchanges, which may give the attackers access to user data and thereafter, user accounts and wallets. The third attack method is through code
exploitation, where attackers find a security hole in the code of an exchange and utilise this to their benefit.
Due to these external attacks, users will lose lots of personal funds, which leads to users quitting the blockchain network as they no longer have much of a financial incentive if all of their funds are going to be stolen afterwards anyways As an attempt to retain users, companies may cover the lost user funds, but this is an expensive solution, and if the security is not improved then these attacks become frequent, and the company may run out of funds to repay user losses