Like any other Sunday morning when I’m not traveling, I park myself at my local luncheonette, grab my big Avaya mug from the wall behind the counter, and stick on my headphones. I then immerse myself in the week’s technology tweets and blogs from the people I respect the most in the industry.
Evan Kirstel is one individual who never ceases to amaze me, either with inspiring tweets of his own or with something worthy of his RT and likely worth reading. Today, a particular article he posted caught my eye. It appears that a D-Link DNS hack has become problematic, where hackers change the router’s DNS setting to their own nefarious look-alike DNS server. By doing this, any request made for the IP address of someone’s bank, for example, would return a spoofed address of the hackers’ look-alike bank site. Unsuspecting users would then log in with their normal credentials, which would be collected by the hackers and then used later to drain accounts.
The security weakness exploited here is that the person is relying on information from one location, the DNS entry in the D-Link router. The router assumes that the IP address of the provisioned DNS server is valid and authenticated, which in fact it is not. This immediately struck me as a classic use case for blockchain, and an excellent way to explain it to those who may not understand.
As it was explained to me, blockchain is an architecture that stores data in multiple locations (or blocks) across the Internet. The actual data in the block itself is irrelevant. In fact, it is the container of that data that is tagged with an identifier unique to that block of data. In addition, the identifier is changed each time the contents of the container are modified, and this identifier is replicated everywhere the data is stored across the Internet. When a user retrieves a specific block of data, they can then compare the identifier of the container with the other containers of the information. Should there be a mismatch in the identifier, it becomes immediately apparent that the data is not current, or valid. So, while it may be possible, or even easy, to hack a particular container, replicating that to every other instance of the container would be nearly impossible. The more secure the data needs to be, the more container instances would exist, making it near impossible without quantum computing power, and many say even that would be questionable.
This makes the value proposition here quite simple. If I’m going to hack your data, I need to hack every instance of your data, or you will know that the proverbial “seal has been broken”. It would be clear to all that the data has been tampered with without actually seeing the data, which ensures privacy. Knowing this, let’s go back to our DNS hack example.
When your router establishes an online connection, the router obtains its IP address, subnet mask, default gateway, and DNS server information via DHCP. To ensure that the DNS setting has not been hacked and replaced with a nefarious spoofed server address, it would be a simple matter of inspecting the blockchain identifier on the DNS data coming in, and also whenever the contents have changed. This will confirm whether the blockchain address is valid as compared to other known data sources.
If a hacker managed to attack your router and modify the DNS IP address entry, it would be immediately known and could be flagged as an insecure source of data. That being said, please remember this was intended to be just an example to illustrate how blockchain could be used in a very simple environment. As you evaluate new infrastructure and architecture, don’t ignore the blockchain value proposition built within products. Understand what they have, where the manufacturer is going from a roadmap perspective, and what could be used to lock down your data in this ever-changing and fast-moving Internet of Everything.
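The identifier comparison described above, as an added Python example (not code from any product or from the article mentioned): the identifier is modeled as the SHA-256 of the DNS record, and the router's copy is accepted only when it matches what a strict majority of replicas report. The record layout, function names and the three-replica minimum are assumptions, and the addresses are constructed sample values.

```python
import hashlib
import json
from collections import Counter

def identifier(record: dict) -> str:
    """Content identifier: SHA-256 over a canonical serialization of the record."""
    canonical = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def check_dns_record(local: dict, replica_ids: list[str], min_replicas: int = 3) -> str:
    """Compare the router's DNS record with identifiers held by independent replicas.

    Returns "valid", "tampered" or "undetermined".
    """
    if len(replica_ids) < min_replicas:
        return "undetermined"  # too few sources to outvote a single bad copy
    top_id, votes = Counter(replica_ids).most_common(1)[0]
    if votes * 2 <= len(replica_ids):
        return "undetermined"  # replicas disagree and no strict majority exists
    return "valid" if identifier(local) == top_id else "tampered"

# Constructed sample data (documentation-range addresses from RFC 5737).
PUBLISHED = {"dns_servers": ["192.0.2.53", "192.0.2.54"], "serial": 7}
REPLICAS = [identifier(PUBLISHED)] * 5  # hypothetical: five replicas agree

def demo() -> dict:
    # A router whose first DNS server entry has been rewritten.
    hijacked = dict(PUBLISHED, dns_servers=["203.0.113.66", "192.0.2.54"])
    one_bad_replica = REPLICAS[:4] + [identifier(hijacked)]
    split = REPLICAS[:2] + [identifier(hijacked)] * 2
    return {
        "clean router": check_dns_record(PUBLISHED, REPLICAS),
        "hijacked router": check_dns_record(hijacked, REPLICAS),
        "clean router, one replica altered": check_dns_record(PUBLISHED, one_bad_replica),
        "hijacked router, one replica altered": check_dns_record(hijacked, one_bad_replica),
        "replicas split 2/2": check_dns_record(PUBLISHED, split),
        "only two replicas": check_dns_record(PUBLISHED, REPLICAS[:2]),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

The check only holds if the replicas are reached over a path the compromised router cannot rewrite; the "undetermined" verdict covers the cases where there are too few sources or they disagree among themselves.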
To bring this full circle back into my Public Safety practice, Next Generation 911 networks will be chock-full of data and information from various sources. Protecting our critical life safety systems on the backend will be a challenge. At the same time, we can no longer lock these systems away in the back room away from the data that’s needed to evaluate situational awareness that will ultimately save lives. I believe blockchain will play a significant role in the validation of that data, and the architecture that will allow good data to flow from the people who have it to the people who need it, while protecting those first responders from attacks by those looking to circumvent and infect the system.
The lesson here is guarded diligence. Not only is understanding networks critical in building our NG911 environment, but a specific eye on public safety security best practices is paramount. I’d love to hear your thoughts on the matter, and what you perceive as suggestions and fears for the future.