Why blockchain may be blockchain’s best cybersecurity option
With new and emerging security threats to blockchain projects, it’s time to consider building decentralized security applications.
(The following article from our Chief Architect, Jong Kim, was featured on Network World.)
One of the hallmark features of blockchain is that it is supposedly much more secure, adding remarkable levels of transparency that could help better identify and mitigate cyber threats. But, at a time when we’re approaching 2,000 blockchain projects in development worldwide, watching thousands of crypto miners do their thing each day and seeing billions of investment dollars pouring in each year, are we taking warnings about potential threats seriously? Has the greater community taken some aspects of blockchain’s security for granted? The hard truths reveal affirmatives to both questions.
There are multiple ways that enthusiasts can contribute to their favorite blockchain projects — whether that’s mining, staking or operating all types of nodes. Regardless of what they’re doing, these private deployments require an investment of time, money and effort to set up, so the last thing anyone wants is to fall victim to hackers. Unfortunately, people often don’t invest as much energy in securing their deployments as they do in getting their different features to work and scale, making the hacker threat very real.
Various attacks have already been seen on mining software, and there have been multiple high-profile thefts that were worth a lot of money. Tokens in staking wallets make very attractive targets. Malicious actors have successfully infected enterprise infrastructures with sneaky mining malware, called cryptojacking; and in 2016, Hong Kong-based exchange platform Bitfinex was hacked, resulting in more than $60 million (at the time) of crypto losses. The fact is that a victim may not even realize they’ve been hacked until it’s too late. Savvy hackers are careful to cover their tracks and siphon only a portion of tokens at a time.
Another emerging security challenge in the crypto community is the potential exposure of sensitive metadata through common actions like checking balances, initiating transactions or just receiving block updates. This was recently called out by Ethereum Core Developer Peter Szilagyi. While metadata may seem harmless, it can lead to exposing the physical location of a blockchain deployment, which is something most would prefer to avoid. Why is it important to call out some of these threats?
The difficulty of securing blockchain projects with traditional security applications
Addressing these and other threats today can lead you down a rabbit hole. Some of the chatter on BitcoinTalk forums reveals useful advice — often learned the hard way — about using virtual private networks (VPNs) and firewalls to secure deployments. However, these discussions are often light on more specific details, especially on adequately configuring protective applications. As you dig deeper, you can get lost in threads upon threads detailing which ports need to be opened for each blockchain and which should be locked down. That’s all to say that solutions like traditional VPNs and firewalls to protect blockchain networks are possible solutions, but it’s difficult, messy and sometimes fragile. And it’s not just necessarily fragile in the sense of penetrable, but even more so in that one misstep or misconfiguration could open the door to vulnerabilities. What you’re left with is a security fig leaf: a false sense of safety actually covering for a gaping hole.
Then there is the centralized nature of network traffic management itself, as it is largely managed by a few centralized internet service providers (ISPs), which are vulnerable to threats like routing attacks. In fact, research previously suggested that just 13 ISPs host 30 percent of the Bitcoin network, while just three ISPs route 60 percent of the transaction traffic.
Making blockchain work for blockchain
So how can we be sure that the networks blockchain developers and crypto miners use are secure? The answer may be to fuse network security directly into blockchain implementations. For example, secure channels for data transport using packet-level encryption can be enabled by default for any deployment, rather than enabling with a separate solution like a VPN. VPNs not only require specialized knowledge to set up and maintain, but also introduce a central authority and point of failure into an otherwise decentralized system. Isn’t decentralization one of the main points of blockchain?
It’s also essential that peers establish secure connections between all nodes in a network so traffic is securely transported. Many existing networks may have transport layer security (TLS) for encryption, and some networks still have its predecessor, secure sockets layer (SSL). But neither may be enough in today’s complex cybersecurity environment, especially as it relates to metadata. Instead, directly building in things like network layer virtualization and traffic proxying within a blockchain implementation would make protecting traffic much easier.
Speaking of protecting traffic, by managing traffic routing and packet processing with rules stored in blockchain-based smart contracts, users could simplify deployment and maintenance of rules across multiple machines instead of updating them individually. Furthermore, this configuration allows developers to define their own network traffic rules, such as conditioning on packet-level features to spot common phishing strategies (e.g. a misleading website, similar to a trusted one, is sent to lure in a user). However, these framework ideas are just the beginning, especially with an enthusiastic blockchain developer community. Developers should take the initiative to build their own decentralized security applications for anti-phishing, anti-malware, intrusion detection and distributed VPNs to deploy on the global blockchain.
The bottom line is that it’s not enough to just trust blockchain’s security because of more transparency than other technological data security and privacy methods. Developers, miners and even enterprises need to look at the entire digital ecosystem when considering security, as every single point provides savvy hackers a weak link to exploit. As blockchain investment continues to skyrocket and the crypto markets continue to diversify — even with the recent slowdown — we will see more unique and sophisticated examples of cyber criminals penetrating blockchain’s security veneer.
That’s the paradoxical ratio of technology: for as many positive innovations that tech creates, there almost is an equal amount of sinister “innovations” to match. This is most certainly true regarding blockchain. The key is to keep discussing threats to blockchain to inspire those securing it.