Robert Napoli | March 4th, 2022
Robert Napoli is a nationally recognized business strategist who writes about cybersecurity and digital transformation.
In October 2020, Google publicly disclosed the details of a past cyberattack that was launched against its servers in September 2017. The report described the incident as a distributed denial-of-service (DDoS) attack of foreign origin that ramped up over a six-month campaign. It was the largest attack of its kind on record.
A February 2020 DDoS attack on an Amazon Web Services (AWS) customer was the largest executed against AWS, and one of the largest publicly disclosed attacks on anyone up to that time.
Last September, Russia-based search engine Yandex was hit with the largest-ever DDoS attack on the Russian segment of the internet.
Bad actors take advantage of the decentralized nature of the internet to both maintain anonymity and overcome resistance to their attacks. A common DDoS method works by first infecting multiple nodes over a variety of domains to form a semi-coordinated network called a “botnet.” These individual bots are then hijacked to launch attacks against targets that are much more centralized, often giving hackers an asymmetric advantage.
More distributed software deployment, database management and security protocols could render targets less vulnerable by spreading attack surfaces and relying less on centralized trust. The key to this decentralized approach may lie in a solution that already has multiple features that make it resilient to attack: blockchain.
The Asymmetric Threat Landscape
Ultimately, Google was able to withstand the 2017 attack, but what made it remarkable was its unprecedented magnitude. At its peak, the attack was measured at 2.5 Tbps (terabits per second, a metric for comparing DDoS incidents), smashing the previous record fourfold. That data point was part of a trend that has amounted to an exponential increase in DDoS attack volume over 10 years.
DDoS attacks are designed to throttle or completely shut down the traffic on a targeted network or service by flooding it with false requests from multiple maliciously infected sources. The decentralized nature of these attacks makes them difficult to thwart because there’s no single point of origin to block.
Conversely, the targets of cyberattacks are largely more centralized. Servers often reside behind a single or limited number of IP addresses, providing a concentrated attack surface. Compromised passwords or cryptographic credentials can expose entire databases of valuable information. Hackers can take control of, or restrict access to, a large number of resources all at once, holding them for ransom.
To level the playing field against hackers, designs are moving away from the traditional model of centralized trust, which creates a single point of failure, and toward a more “trustless” approach, especially with regard to security protocols.
Distributing trust through consensus to validate important elements like access, authentication and database transactions is a function that blockchain is uniquely suited for.
Blockchain Is More Than Just Crypto
When blockchain gained notoriety as the basis for Bitcoin just over a decade ago, it became largely synonymous with cryptocurrency in public parlance. But additional blockchain applications like Ethereum have emerged as platforms for a variety of use cases beyond just crypto, like smart contracts, non-fungible tokens (NFTs), decentralized financing and distributed software, to name a few.
The decentralized, consensus-driven, trustless nature of blockchain makes it naturally resilient to attack. For those blockchain solutions utilizing proof-of-work validation methods (such as Bitcoin), hackers have to gain control of a majority of nodes to compromise ledger transactions, something that is, by design, computationally expensive. This computational cost can be extended to other types of operations in a security scheme, reducing the need for a trusted central authority.
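One way computational cost can be attached to an ordinary operation is a hashcash-style client puzzle placed in front of a request. The sketch below is an added example, not code from the article or from any blockchain project; the function names, the challenge format and the `client-a` identifier are assumptions made for illustration.

```python
import hashlib
import hmac
import os

SERVER_KEY = os.urandom(32)  # assumption: per-process secret held only by the server

def leading_zero_bits(digest: bytes) -> int:
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def _work(challenge: str, nonce: int) -> int:
    return leading_zero_bits(hashlib.sha256(f"{challenge}:{nonce}".encode()).digest())

def _tag(body: str) -> str:
    return hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()

def issue_challenge(client_id: str, difficulty: int, now: int) -> str:
    """Server: stateless challenge; the HMAC tag stops clients editing any field."""
    # client_id must not contain ':' in this sketch (constructed IDs like "client-a")
    body = f"{client_id}:{difficulty}:{now}:{os.urandom(8).hex()}"
    return f"{body}:{_tag(body)}"

def solve(challenge: str) -> tuple[int, int]:
    """Client: brute-force a nonce; expected cost is about 2**difficulty hashes."""
    difficulty = int(challenge.split(":")[1])
    nonce = 0
    while _work(challenge, nonce) < difficulty:
        nonce += 1
    return nonce, nonce + 1  # (solution, hashes tried)

def verify(challenge: str, nonce: int, client_id: str, now: int, max_age: int = 60) -> bool:
    """Server: one HMAC plus one hash, whatever the difficulty."""
    try:
        cid, diff, issued, salt, tag = challenge.split(":")
    except ValueError:
        return False  # malformed challenge
    body = f"{cid}:{diff}:{issued}:{salt}"
    if not hmac.compare_digest(tag.encode(), _tag(body).encode()):
        return False  # forged or tampered fields (e.g. lowered difficulty)
    if cid != client_id or not 0 <= now - int(issued) <= max_age:
        return False  # issued to someone else, or expired
    # Replay inside max_age is not tracked here; a deployment would record used salts.
    return _work(challenge, nonce) >= int(diff)

if __name__ == "__main__":
    ch = issue_challenge("client-a", 16, now=1000)
    nonce, tried = solve(ch)
    print(f"client hashes: {tried}, server accepts: {verify(ch, nonce, 'client-a', now=1005)}")
```

A puzzle like this raises the per-request cost of application-layer floods while verification stays cheap for the server. It does nothing against volumetric floods that saturate bandwidth before a request is ever parsed.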
Many DDoS attacks exploit internet Domain Name System (DNS) servers, which map readable website names to IP addresses. By moving DNS to blockchain, resources can be spread to multiple nodes, making it infeasible for attackers to control the database.
Just building databases or applications on blockchain won’t necessarily make them invulnerable. Hackers are nothing if not persistent, and with governments increasingly engaging in cyberwarfare, they are formidable adversaries.
The process of building blockchains can be enhanced through Artificial Intelligence (AI) to detect and prevent nefarious manipulation of data. And AI purpose-built to secure a system or database can be implemented on a more distributed model as a blockchain application that doesn’t require trusted nodes to remain intact.
Toward A Decentralized Future
DDoS, data breaches, ransomware attacks, social media phishing and even direct cryptocurrency mining attacks are all on the rise, costing victims hundreds of billions of dollars each year. The growing frequency, sophistication, size and financial consequences of cyberattacks have the public increasingly concerned, with both government and private organizations looking for ways to keep up with constantly evolving threats.
DDoS attacks like the 2017 Google incident take advantage of the fact that hackers are well-distributed with respect to their targets. This is the essence of asymmetric warfare. By decentralizing assets, applications and security infrastructure using blockchain, it may be possible to stop fighting hackers on their terms and beat them at their own game.