At a time when devices, including those dealing with security, are becoming more and more connected, their security has become a major concern. In this regard, blockchain can come in to help.
Needless to say, IoT security issues can impact end user organizations in a number of ways. At a time when devices, including those dealing with security, are becoming more and more connected, their security has become a major concern. In this regard, blockchain can come in to help.
Today, devices are increasingly migrating to the network. These include security devices from video cameras to access control readers. While this deliver convenience for the end user, IoT security issues inevitably arise. The
2016 DDoS incident in which IP cameras and recorders were used to launch attacks against an Internet management company, resulting in shutdowns of several famous sites, is a vivid example.
“If my time as a Cyber Special Agent in the FBI taught me anything, it’s that any device can (and will) be compromised, and IP cameras, smart homes, and IoT devices are no exception,” said Jason Truppi, Partner at
TLDR, a security consultant. “IoT devices are quickly outnumbering traditional computers, servers, desktops, and laptops connected to the Internet, which is shifting the way we have to think about the problem of host-based security. A simple vulnerability on a single user device has little to no effect, but that same vulnerability on a large number of devices can be very powerful and potentially dangerous to the core operations of the Internet.”
How blockchain can help
This is where blcokchain can come in handy. According to a
blog post by
Steel Kiwi, blockchains are distributed networks that can have millions of users all over the world -- every user can add information to the blockchain and all data in the blockchain is secured through cryptography. “Every other member of the network is responsible for verifying that the data being added to the blockchain is real. This is done using a system of three keys (private, public, and the receiver’s key) that allow members to check the veracity of the data while also confirming who it comes from,” the post said.
This nature of blockchain makes it extremely invulnerable to hacking. “In order to destroy or corrupt a blockchain, a hacker would have to destroy the data stored on every user’s computer in the global network. This could be millions of computers, with each one storing a copy of some or all the data. Unless the hacker could simultaneously bring down an entire network (which is near impossible), undamaged computers, also known as ‘nodes,’ would continue running to verify and keep record of all the data on the network,” the post said. “The impossibility of a task like taking down a whole chain increases along with the amount of users on a network. Bigger blockchain networks with more users have an infinitely lower risk of getting attacked by hackers because of the complexity required to penetrate such a network.”
Truppi agrees. “Blockchain can help the IoT market by decentralizing communications between devices, allowing them to self-manage functions independent of an intervention from an administrator. A decentralized network could also better support communication between a large number of devices and their volume and velocity of data. This channel for communication could allow group-determined actions to be sent to hosts to update firmware and/or software or remediate infections,” he said.
However, Truppi mentions this would rely on another communication channel that is equally prone to compromise by attackers. He concludes by saying that while blockchain may be effective in protecting against cyberattacks, it’s not a cure-all for all IoT security issues. “Blockchain is certainly one potential technology that can support a massive global network of devices at scale, but it’s too early to tell whether it’s the ultimate solution to the problem,” he said. “It’s hard to know whether the ability to keep IoT secure will be better through blockchain, but it’s certainly a place to start.”