Article

Cyber Security with Blockchain

Prevention of DDoS attacks with Blockchain technology

Distributed Denial of Service (DDoS) attacks are nothing new, but recent attacks are increasing in severity, complexity, and frequency and have therefore become a mainstream concern for businesses and private customers alike

The most recent DDoS attacks have been observed to hijack connected devices such as webcams, baby phones, routers, vacuum robots, etc. to launch their attacks.

The number of devices remotely controllable via apps is growing exponentially and the Internet of Things (IoT) is expected to easily surpass 20 billion connected devices by the end of 2020.

One of the associated problems is that many of the connected devices are ill-equipped with security measures to prevent malevolent and improper usage, and thus prove to be the perfect, unsuspecting resources to be recruited into a botnet.

The lack of proper security features for connected IoT devices is mainly driven by insufficient prioritization because the potential for disruption has been underestimated in the past, and manufacturing costs and profit potential dictate feature selection. That said, recent events may trigger a re-think to include and promote security features as part of a premium positioning for connected products. At present, infecting IoT devices for creating a botnet couldn’t be easier for a competent hacker.

How Blockchain technology could promote a secure IoT

Today’s IoT ecosystem follows a centralized paradigm, which relies on a central server to identify and authenticate individual devices. This allows malicious devices to launch attacks against other equipment by means of a brute force Telnet attack or other attack vectors.

Blockchain technology could enable thecreation of IoT networks that are peerto-peer (P2P) and trustless; a setting which removes the need for devices to trust each other and with no centralized, single point of failure.

A Blockchain, being a universally distributed ledger, ensures the security of all transactions through the cryptographic work of certain participants called nodes which validate those transactions, in return for rewards in the form of crypto-currencies such as Bitcoin. This removes the need for a central authority to authenticate a device to interact with another device and also authenticate a user to login to a device.

Further Authors

Sawan Kumar
Senior Consultant, Deloitte Consulting
sawkumar@deloitte.com
+1 470 434 4322

Jens Hermann Paulsen
Senior Consultant, Deloitte Consulting
jpaulsen@deloitte.de
+49 69 9713 7294