Usually, data leakage costs a company around $3.85M per attack. When we take into account that in 2022 alone, there were over 1800 such breaches reported worldwide (and many more that were unrevealed), we’ll be able to understand how big and urgent the problem we face.
Unfortunately, there are no perfect and 100% effective solutions that could help companies protect themselves from bad cyber actors. Especially since the innovativeness of the cybercrime space seems to outperform most industries. There is, however, one emerging way to at least mitigate cyber risks. And, as you may have predicted, it relies on blockchain technology and its unique primitives.
Before we get into blockchain’s potential to impact cybersecurity, we need to assess whether the technology itself is as secure as we may expect. Especially since many companies and business individuals associate crypto and web3 with hacks and market turmoils rather than tools that could actually make them more resilient.
First, we must distinguish between the centralized nature of many crypto projects and blockchain technology in its pure form. Most of the security problems of the web3 industry were triggered by bad actors and very limited implementation of blockchain primitives. Such events like the FTX collapse or Celsius and BlockFi bankruptcies came from financial greed and too centralized structure of these entities to make fraud prevention possible.
Obviously, we’ve also experienced violations related to the technology itself – primarily because of smart contract vulnerabilities. We’ve all heard about the infamous DAO hack in 2016, Balancer issues in 2020, or the robbery of over $600M from Axie Infinity sidechain (Ronin). However, the more mature the industry (and a protocol), the more resilient to attacks it becomes – mostly due to systematic code reviews and security audits that are becoming one of the web3 standards.
Moreover, the blockchain itself serves as a very resilient technology (especially when it doesn’t support smart contracts). Its decentralized nature and transparent record-keeping make it extremely difficult for hackers to compromise the system, as there is no central point of failure.
Furthermore, the intricate cryptography that underlies the entire technology, as well as the complexity (and very high impracticability) of 51% attacks additionally enhances blockchain’s security. Then, it’s no surprise that businesses from all over the world see distributed ledger technology as a potential solution to their cybersecurity problems.
It’s a common view that blockchain is basically secure by design. However, all the past breaches and hacks, as well as general concerns over DLT, suggest that pure technology won’t solve all the security concerns – especially when faced with people’s greed and bad intentions. Hence, blockchain must be designed for security. And the examples below show how it can be done.
If we think of blockchain, decentralization is undoubtedly one of the first things that come to our minds. No single point of failure and no single point of control make this technology more secure and resilient than any traditional data storage solutions – no matter how much they’re protected with money and armies of cybersecurity experts.
In a traditional centralized system, the entire mechanism becomes vulnerable if the central server is compromised. With blockchain, the data is stored on multiple nodes, making it more difficult for an attacker to damage the system. And solutions built this way are already working – both Filecoin and Arweave utilize decentralized data storage, making information leaks more unlikely than ever.
Cyber hacks are, however, not only about data leaks. With the digitalization of information (e.g., in healthcare, real estate, and administration), there is a growing risk of manipulation and fraudulent changes in the records.
The immutability of blockchain addresses such concerns. A distributed ledger allows for the creation of audit trails and ensures that information is secure and tamper-proof.
Blockchain’s immutability has already been recognized by the Estonian government, which decided to use DLT to enforce the integrity of government data and systems. Such a solution benefits not only the administration. The main beneficiaries are citizens who can rely on their government without the need to actually trust it.
There is yet one more blockchain primitive that can drastically enhance cybersecurity or, at least, help companies track malicious activities. The distributed ledger’s transparency makes it difficult to alter records without being detected.
Imagine if Target, the US retail giant used blockchain in 2013 when it experienced one of the most significant data leaks to date. Hackers managed to steal nearly 40 million credit and debit card records, forcing the company to pay $18,5M of settlements to their disgruntled customers. The hack was possible due to the vulnerability in Target’s payment system that could be easily spotted on a transparent blockchain.
However, it’s not only traditional companies that experience such attacks. In 2014, the Mt. Gox Bitcoin exchange suffered a massive hack that resulted in the theft of approximately 850,000 BTC. The hack went undetected for several years.
Later, it was discovered that the exchange had been manipulating its own records to hide the fact that it had lost a significant number of BTC. If Mt. Gox had used a blockchain-based system to record all transactions, the hack and manipulation would have been detected much earlier, and the loss of funds could have been significantly reduced.
In the world of fake news and information overload, there is an additional area that blockchain can vastly improve – identity management. Thanks to this technology, users can control and manage their digital IDs in a secure and decentralized manner. It prevents them from identity theft and losing access to credit cards, emails, or social media accounts. Whoever experienced such fraud knows how stressful and dangerous it can become.
Fortunately, the blockchain identity management space is growing at a fast rate. For example, Sovrin Foundation already uses blockchain to create a decentralized digital identity network that allows users to control and manage their digital identities. They try to integrate such solutions into the administration systems of countries and provinces that experience identity thefts on a daily basis.
A good example is British Columbia – due to the specific nature of Canadian people (they’re more willing to trust other people than many different nationalities), such frauds are becoming a daily routine there. Sovrin’s solution, however, should help the local government prevent identity thefts and stop bad actors from exploiting people’s positive attitudes toward other human beings.
Cybersecurity may not be the most exciting sector of crypto projects for investors, but it can certainly become one of the utmost importance when it comes to blockchain adoption. In the coming years, the Internet won’t get any safer – as we mentioned, innovation in the fraud space is booming. Hence, to protect both companies and individuals from hacks without compromising their freedom, businesses and governments will have to implement more effective solutions than centralized security systems. And blockchain, with its decentralized and immutable structure, serves as a great remedy for such problems.
 51% attack – a specific type of attack on a blockchain network that allows an attacker to take control of the network by controlling the majority of the network’s computing power, or hash rate.
 DLT – an acronym for Distributed Ledger Technology.