Data integrity has often been associated with industries such as medical and finance, areas where dips in accuracy can create ripple effects that impact the everyday lives of people. In theory, government records should also fall in line with that. The old way of thinking is that government agencies are slow moving and have records in dusty old boxes stuffed in a warehouse similar to the one at the end of Raiders of the Lost Ark. However, as government paperwork has gone digital, the truth is that these types of records are as modernized as possible — and because of that, they require the same level of security as bank statements or medical records.
In a post-Snowden, post-WikiLeaks world, this is becoming increasingly vital. In some cases, data integrity has less to do with the actual content of records and more to do with the public trust. This scrutiny has heightened tenfold with the purported hacks into the Democratic National Committee’s email servers prior to the 2016 election. Removing the political aspect of that example and focusing solely on the cybersecurity aspect, such an attack shows the depth, range, ease of attacks that can hold powerful organizations hostage and disrupt business. Beyond the risk of foreign bodies accessing proprietary or classified data off servers, the other concern is the possible manipulation of databases. Every CIO’s worst nightmare.
In a world of evolving cyberthreats, how can governments protect their data? Enter blockchain, a growing presence as we move further into the age of the internet of things. It offers novel solutions to these tough problems.
What is a blockchain?
A blockchain is a distributed database platform utilizing chronologically linked segments known as blocks. The blocks are a list of things that have occurred over a given amount of time. The term blockchain literally means chaining together these blocks. It first came to rise in conjunction with Bitcoin currency, and represents a new type of record-keeping for the digital age, one that is transparent, permanent and publicly vetted for accuracy. The general theory behind it is simple: a block is established when a vetted record is made. The block is secured through one-way cryptography (hashing), and every computer on the network has access to these records. The records are logged in chronological order with the preceding and subsequent blocks, locking it into place with hashes, and should any attempt to hack its network occur, the intrusion is quickly detected, and discrepancies would be recognized by other nodes on the network and restored to proper values.
This level of public vetting ensures that no stakeholder can influence records and changes will always be identified and restored. One-way hashing also enables this public vetting without putting any data at risk. It’s the crowdsourcing model — done with technology to power security — and it’s the next big thing in cybersecurity.
How the blockchain can protect our government
In response to public outcry for transparency, the United States Congress has pushed agencies such as the Department of Homeland Security to prove that they’ve upheld data integrity. Traditional auditing is a labor-intensive process, one that could expose national security secrets and sensitive data. Administrators with the highest levels of security clearance would be needed, but there are only so many available resources. DHS began looking to Silicon Valley for a solution, and the blockchain has demonstrated significant potential by hitting these key goals:
- Data integrity: With a permanent record constantly being vetted by network nodes, any attempted data changes/removals would be highlighted almost instantly.
- Classification: Using one-way cryptography, it is possible to vet data without exposing sensitive information.
- Resources: Because data remains classified and the blockchain vetting process is handled on a public network, auditing can take place without occupying high-level administrators.
Even in a case like the 2016 Presidential Election, where reports of Russian hackers only lifted data rather than attempting to change it, the blockchain could have provided detection and prevention. The most compelling progress made in creating blockchain systems is Hyperledger’s Chaincode and Ethereum’s Smart Contracts. These groups are in the early testing of turning complete programming locked into a blockchain. Hackers would have to attempt to break the blockchain network or execute the code in unexpected ways to gain access. IT administrators of high-stakes material can establish alerts for any attempts like these and take appropriate action, thus forming multiple layers of protection over sensitive materials.
To 2017 and beyond
In a post-Snowden, post-election world, the need for cybersecurity has only intensified. The next paradigm shift will come with the implementation of smart cities, as local governments attempt to integrate the internet of things into infrastructure, commerce and logistics. Because of that, cybersecurity is at the forefront of everyone’s mind, and blockchain represents an efficient, effective and secure way of handling that. The next step is getting Silicon Valley and the Beltway to truly collaborate — and the resulting partnership could finally bring proactive, not reactive, cybersecurity to the United States.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.