In October 2020, Google publicly disclosed details about a cyber attack that occurred in September 2017. It reported that it was a distributed denial-of-service (DDoS) attack from a foreign country that lasted a total of six months and was the largest attack of its kind ever.
Hackers exploited the decentralized nature of the Internet both to maintain anonymity and to overcome resistance to the attack. A common approach to DDoS attacks is to infect multiple nodes in multiple domains to form a semi-coordinated network called a "botnet". These independent bots are then hijacked to launch attacks against more centralized targets, often giving hackers an asymmetric advantage. More distributed software deployments, database management and security protocols can reduce the vulnerability of targets by spreading out the attack surface and reducing the reliance on centralized trust.
The key to this decentralized approach is blockchain, a solution that already has multiple features that can defend against attacks.
The asymmetric threat landscape
While Google withstood the 2017 attack, the attack was unprecedented in scale. At its peak, it reached 2.5 Tbps (a metric for comparing DDoS attack events), four times as fast. In the last 10 years, the number of DDoS attacks has grown exponentially.
The purpose of a DDoS attack is to limit or completely shut down traffic to a target network or service by sending false requests from multiple malicious infected sources to the target network or service. The decentralized nature of these attacks makes them difficult to defeat, as they have no single source that can be stopped.
By contrast, the targets of cyber attacks are far more concentrated. Servers typically reside behind a limited number of IP addresses, providing a centralized attack surface where compromised passwords or credentials can expose an entire database. Hackers can simultaneously control or restrict access to a large number of resources for ransom.
To combat hackers, designs are moving away from the traditional centralized trust model to a more "trustless" approach, especially with respect to security protocols. Assigning trust through consensus to verify important elements such as access, authentication and database transactions is a function for which blockchain is best suited.
Blockchain is more than just encryption
Over a decade ago, blockchain became essentially synonymous with cryptocurrency in public parlance. However, beyond cryptocurrency, other blockchain applications such as smart contracts, non-fungible tokens (NFTs), decentralized finance and distributed software have emerged as use cases on platforms such as Ethereum.
The decentralized, consensus-driven and trustless nature of blockchains makes them inherently resilient to attacks. For those blockchain solutions that leverage proof-of-work verification methods (such as Bitcoin), hackers must gain control of most nodes to disrupt ledger transactions, a computationally expensive approach by design. This computational cost can be extended to other types of operations in a security solution, thereby reducing the need for a central authority.
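The idea above of extending proof-of-work cost to other operations, shown as an added example that is not part of the original article: a hashcash-style client puzzle in which a requester must spend about 2^difficulty hashes before the server does any expensive work, while the server checks the answer with one HMAC and one hash. SERVER_KEY, MAX_AGE, the challenge format and all function names are assumptions made for this example.

```python
import hashlib
import hmac
import os
import time

SERVER_KEY = os.urandom(32)  # assumption: secret known only to the verifying server
MAX_AGE = 60                 # assumption: seconds a challenge stays valid

def _mac(client_id, difficulty, issued, salt):
    msg = f"{client_id}|{difficulty}|{issued}|{salt}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()

def _meets_difficulty(data, difficulty):
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - difficulty) == 0

def issue_challenge(client_id, difficulty, now=None):
    """Stateless challenge: the MAC lets the server check it later without storing it."""
    issued = int(time.time() if now is None else now)
    salt = os.urandom(8).hex()
    return f"{difficulty}:{issued}:{salt}:{_mac(client_id, difficulty, issued, salt)}"

def solve(challenge):
    """Requester's side: about 2**difficulty hashes on average."""
    difficulty = int(challenge.split(":")[0])
    counter = 0
    while not _meets_difficulty(f"{challenge}:{counter}".encode(), difficulty):
        counter += 1
    return counter

def verify(client_id, challenge, counter, now=None):
    """Server's side: one HMAC and one hash, regardless of difficulty."""
    try:
        difficulty_s, issued_s, salt, mac = challenge.split(":")
        difficulty, issued = int(difficulty_s), int(issued_s)
    except ValueError:
        return False  # malformed challenge
    expected = _mac(client_id, difficulty, issued, salt)
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        return False  # forged, altered, or issued to a different client
    current = time.time() if now is None else now
    if not 0 <= current - issued <= MAX_AGE:
        return False  # expired: solutions cannot be stockpiled in advance
    return _meets_difficulty(f"{challenge}:{counter}".encode(), difficulty)
```

A solved challenge can still be replayed until it expires, so a deployment would also remember recently accepted challenges for MAX_AGE seconds.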
Many DDoS attacks leverage the Internet's Domain Name System (DNS), which maps readable website names to IP addresses. By moving the DNS to the blockchain, resources can be spread across multiple nodes, making it impossible for an attacker to control the database. Yet simply building databases or applications on the blockchain does not necessarily make them invulnerable. Hackers are very persistent, and they are becoming more powerful adversaries as governments become increasingly involved in cyber warfare.
The process of building blockchains can be enhanced with AI to detect and prevent malicious data manipulation. Moreover, AI built specifically to protect systems or databases can be implemented on a more distributed model. As with blockchain applications, there is no need to trust that individual nodes remain intact.
The future will go decentralized
DDoS, data breaches, ransomware attacks, social media phishing, and even direct cryptocurrency mining attacks are on the rise, costing victims hundreds of billions of dollars a year. The increasing frequency, sophistication, scale, and economic consequences of cyberattacks have the public increasingly worried, and governments and private organizations are looking for ways to keep up with the evolving threat.