Blockchain has been touted in many places as the next step in cybersecurity innovation. With the success of Bitcoin and Blockchain’s apparent structural resistance to cyber-threats, many companies are investigating its use for secure data storage. Lockheed Martin has recently announced they are hiring a company to provide blockchain cybersecurity, and with increasing reports of data breaches, finding new ways to thwart cyber-threats is on everyone’s mind.
So what are some of the advantages to Blockchain and is the news all-good, or is there a downside as well?
What are the advantages?
Blockchain has some inherent structural advantages over the traditional method of data storage when it comes to cyber forensics and cyber threats.
Traditional Data storage is centered on a large pool of centrally located data that is accessed through traditional login and passwords. Traditional hacking is based on finding an access point to connect to the network, whether through stealing someone’s login and password or having someone unwittingly download malware into an organization’s information system. Whatever the method, the idea is to access the sequestered pool of data.
Blockchain structure is different. Instead of a single pool of data; blocks of information are sent out on a peer to peer network with many different nodes. Each block of information is identical. All the nodes are connected by a secure validation method. To hack the system and change information in the chain would mean changing all the nodes in the system at once.
The Network of nodes validates each transaction and then encapsulates the information within a block and adds it to the chain. Each block is sealed with cryptographic algorithms and ordered by time.
This means that if data is corrupted in one node, it can be traced to a particular node and time. When, and where, and what change happened, is much more obvious on a blockchain, and aberrant information can be ignored by the rest of the blockchain. Work can continue as usual.
Because of the security implications of blockchaining information places as far flung as Switzerland, and as close as Illinois are exploring using blockchain as a way to store identification data, such as birth certificates.
However, what are the concerns?
Blockchain doesn’t protect the individual person from losing or revealing private keys to a hacker. You may not be able to recover data if you lose your encrypted key. For example, if you were using Bitcoin, this would be the equivalent of losing your wallet. Even if nobody else found it. It’s gone.
Blockchain data is big. Each added block adds to the amount of data that each node has to store. This is something that blockchain proponents will have to deal with as time goes on. Blockchains can be slow; at least in comparison to the instant gratification you get with data transactions located in a single source.
The slow speed of the block chain can create an opportunity for hackers. According to Rob Blasetti at Blockgeeks.com “Transactions can be made instantaneously, however until the block in which the transaction is inserted in has been verified, it is classified as untrustworthy. In the time between a lodged transaction is made and when the block settles, a bad actor could launch fraudulent transactions to trick the network into what is known as a double-spend.”
Blockchain relies on having a large number of nodes in its system. The larger the number of nodes the safer it is against attack on any one node. A hacker can only have an impact on the system if they can gain control of 51% of the nodes, consequently, the smaller the number of nodes, the less safe it is.
So, Blockchain has some inherent strengths in being able to protect and store vital information. It is not infallible, particularly on an individual level. However in a large system and with large usage, the implementation of blockchain technology will help to secure personal data in the future. It has some drawbacks that may not make it suitable for every industry and it has strengths that make it ideal for other new industries. It does, however add a significant new element into the cybersecurity world and it will be interesting to see how it will be utilized and developed outside of Bitcoin and the financial world.