Lloyd’s of London knows a thing or two about business losses—for three centuries, the world’s oldest insurance market has been paying out damages triggered by wars, natural disasters, and countless acts of human error and fraud. So, it’s worth paying attention when Lloyds estimates that cybercrime caused businesses to lose $400 billion between stolen funds and disruption to their operations in 2015.
If that number seems weighty—and it ought to—try this one for size: $2.1 trillion. That’s Juniper Research’s total cybercrime loss forecast for the even more digitally interconnected world projected for 2019. To put that figure in perspective, at current economic growth rates, it would represent more than 2% of total world GDP.
We are witnessing a colossal failure to protect the world’s online commerce.
At the heart of this failure lies the fact that the ongoing decentralization of our communication and business exchanges is in direct contradiction with the outdated centralized systems we use to secure them. Given that the decentralization trend is fueled by the distributed communications system of the Internet—one in which no central hub acts as information gatekeeper—what’s needed is a new approach to security that’s also based on a distributed network architecture. The good news is that we now have a framework for creating one. It’s called the blockchain.
Startups of all kinds are constantly pitching ideas for e-marketplaces and online platforms that would unlock new network effects by bypassing incumbent middlemen and letting people interact directly with each other. Although these companies are themselves centralized entities, the services they provide satisfy an increasing demand for more decentralized exchanges. This shift underpins social media, ride-sharing, crowdfunding, Wikipedia, localized solar microgrids, personal health monitoring, and everything else in the Internet of Things (IoT).
Yet, we continue to depend upon something we might call the centralized trust paradigm, by which middlemen entities coordinate our monetary transactions and other exchanges of value. We trust banks to track and verify everyone’s account balances so that strangers can make payments to each other. We entrust our most sensitive health records to insurance firms, hospitals, and laboratories. We rely on public utilities to read our electricity meters, monitor our usage, and invoice us accordingly. Even our new, Internet-driven industries are led by a handful of centralized behemoths to which we’ve entrusted our most valuable personal data: Google, Facebook, Amazon, Uber, etc.
Decentralization, meanwhile, is pushing the power to execute contracts and manage assets to the edges of the network, creating a proliferation of new access points. At the same time, we are concentrating ever-more sensitive data inside these centralized hubs. (Facebook accumulated 300 petabytes of its customers’ personal data in its first 10 years, a hundred times the amount of information that the Library of Congress has built up in 200 years.) For IT-savvy thieves, it’s the best of both worlds: more and more locations from which to launch surreptitious attacks and a set of ever-growing, centralized pools of valuable information to go after.
I believe this contradiction explains why cybercrime is constantly rising. And with the advent of IoT, when billions of nodes will live on automated devices that are constantly talking and trading with each other, it is going to surge even more. It’s also why the security firms contracted to protect the institutions that maintain the centralized trust paradigm are stuck in a game of whack-a-mole. Every time they plug a hole with a software solution, more threats open up elsewhere. And so, the ever-expanding list of data breaches goes on: Target, Home Depot, JPMorgan, Anthem, Mossack Fonseca, the Office of Personnel Management, the Democratic National Committee; the list goes on and on.
The solution the Internet always needed
The single most important driver of decentralization has been the fact that human communication—without which societies, let alone economies, can’t exist—now happens over an entirely distributed system: the Internet. The packet-switching technology that paved the way for the all-important TCP/IP protocol pair meant that data could travel to its destination via the least congested route, obviating the need for the centralized switchboard hubs that had dominated telecommunications. Thus, the Internet gave human beings the freedom to talk to each other directly, to publish information to anyone, anywhere. And because communication was no longer handled via a hub-and-spokes model, commerce changed, too. People could submit orders to an online store or enter into a peer-to-peer negotiation over eBay.
The problem was that in those early years, Silicon Valley had no distributed trust management system to match the new distributed communications architecture. Thirty years later, we finally have the conceptual framework for such a system, one in which trust need no longer be invested in a third-party intermediary but managed in a distributed manner across a community of users incentivized to protect a public good. Blockchain technology and the spinoff ideas it has spawned provide us with the best chance yet to solve the age-old problem of the Tragedy of the Commons.
This technology creates a mechanism by which people and institutions that would not otherwise trust each other can agree, in a constantly updated process, on a common record of events. The blockchain is an unbroken, sequential ledger that’s replicated in multiple copied versions and stored on multiple, independent computers. Each node runs the same open source software that dictates how to update the shared ledger with new transactions and how to arrive at a consensus on whether those updates are valid.
The blockchain came to us via bitcoin. Without the distributed ledger, there could not have been an ownerless, independent digital currency. There had to be a record-keeping system and a consensus-forcing mechanism for the community to verify changes in people’s holdings of that currency. Now, researchers and engineers are seeking to apply bitcoin’s cryptographically secured architecture to uses far beyond currencies.
Blockchain technology has the potential to create, for the first time ever, a record of history that no single person has the power to change. I say “potential” because this bold claim of “immutability” is still being tested. There is also much debate over the ideal blockchain structure. Bitcoin’s “permissionless” system is the most decentralized and, therefore, arguably, most secure. However, an inflexible codebase, governance structure, and limited data-handling capability make the incorporation of billions of tiny IoT transactions a somewhat inconceivable idea, at least for now. Ethereum offers an alternative public blockchain that’s more flexible for app designers to work with, but recent problems suggest developers need to resolve some significant security flaws. Another option is the kind of private and “permissioned” ledger structure pursued by the Wall Street consortium R3CEV. But that means compromising on decentralization. Meanwhile, other non-cryptocurrency models of decentralized Internet governance are also emerging. These include the IOTA “tangle” ledger for IoT transactions, the Inter-Planetary File System (IPFS) for a decentralized web, and Tim Berners-Lee’s Solid project for personal data management.
Somewhere in all these options, perhaps drawing parts from all of them, lies the ideal answer. But it’s important to recognize the standard set by bitcoin, which first demonstrated the possibilities for a distributed trust arrangement. Ever since its launch in 2009, there has been no successful cyberattack on bitcoin’s core ledger—despite the tempting bounty that the digital currency’s $9 billion market cap offers to hackers. (Note: all those hacks of bitcoin exchanges that held clients’ funds in badly managed, centralized systems—the Mt. Goxes and the BitFinexes of the world—don’t count. No one would say “the Internet got hacked” in reference to the security breaches at Home Depot, Target, and JPMorgan; the same goes for the underlying bitcoin system in these cases.)
Bitcoin has survived because it leaves hackers nothing to hack. The public ledger contains no personal identifying information about the system’s users, at least none of any value to a thief. And since no one controls it, there’s no central vector of attack. If one node on the bitcoin network is compromised and someone tries to undo or rewrite transactions, the breach will be immediately contradicted by the hundreds of other accepted versions of the ledger.
As we push the boundaries of the Internet’s possibilities, this kind of distributed trust model will be vital to what some call the “Internet of Value.” So much of what’s foreseen won’t be viable without distributed trust, whether it’s smart parking systems transacting with driverless cars, decentralized solar microgrids that let neighbors automatically pay each other for power, or public Wi-Fi networks accessed with digital-money micropayments. If those peer-to-peer applications were steered through a centralized institution, it would have to “KYC” each device and its owner—to use an acronym commonly used to describe banks’ regulatory obligation to conduct “know your customer” due diligence. Those same gatekeepers could also curtail competitors, quashing innovation. Processing costs and security risks would rise. In short, a “permissioned” system like this would suck all the seamless, creative fluidity out of our brave new IoT world.
Sensing these problems, developers are looking to blockchain technology as a potential decentralized solution for establishing trust among IoT devices. In early 2015, IBM unveiled a prototype that ran on the public blockchain of Ethereum. There’s still a lot to be learned from how models like IBM’s interface with an IoT ecosystem, but trials such as one underway in the Isle of Man could show a way forward. The devil will be in the details, but there’s a general view among many systems engineers that the blockchain’s distributed architecture offers a valid framework for tackling IoT’s security challenges.
Security by design
One way the blockchain could change online security dynamics is the opportunity to replace the flawed “shared-secret model” for protecting information with a new “device identity model.” Under the existing paradigm, a service provider and a customer agree on a secret password and perhaps certain mnemonics—“your pet’s name”—to manage access. But that still leaves all the vital data, potentially worth billions of dollars, sitting in a hackable repository on the company’s servers. With the right design, a blockchain-based system would leave control over the data with customers, which means the point of vulnerability would lie with their devices. The onus is now on the customer to protect that device, so we must, of course, develop far more sophisticated methods for storing, managing, and using our own private encryption keys. But the more important point is that the potential payoff for the hacker is so much smaller for each attack. Rather than accessing millions of accounts at once, he or she has to pick off each device one by one for comparatively tiny amounts. Think of it as an incentives-weighted concept of security.
This model could also marry our current era’s competing demands of privacy and transparency. While it’s vital that we protect our personal data—our most valuable asset in a digitally networked world—we need to give researchers access to some of it so they can devise better ways of organizing society and conducting business. Well, with the right encryption methods and private-key permissions, this new distributed architecture might let us have our cake and eat it, too. We could limit access to the sensitive details—who we are, our activity, what we own—but provide valuable metadata to third parties where it suits.
In sum, the blockchain offers a whole new way to think about security. As of now, companies treat their annual cybersecurity budget as a necessary evil: part of an ongoing cat-and-mouse game with attackers in which they build ever-more layers of protection around vulnerable troves of data and yet still suffer giant breaches. The blockchain and distributed systems like it are different: they offer security by design, not by patch.
This new paradigm will hopefully allow us to trust the information that devices and people generate from their future peer-to-peer transactions. It should also mean we can more safely build powerful analytics on top of that data: the machine learning algorithms that will scrape the Internet’s big data insights and use them to make investment decisions on our behalf, or the actions that health officials make based on signals from millions of Fitbits.
If we are to make the most of the powerful new technologies in our midst, it’s vital that we secure our online transactions and protect our personal information from malevolent forces. Distributed trust technologies such as the blockchain are pointing us in that direction. With their help, we can lower the burden of security and instead focus on the Internet’s promise of a more level playing field and opportunities for all.
- Decentralized Applications, by Siraj Raval.