There is a reason that a majority of the world’s services are offered through centralized systems. Before the advent of distributed systems such as blockchains, we collectively looked at centralized systems as the surest path to increased security. These perceptions pre-date the digital era; for centuries, ledger-based centralized systems have enabled services that would be difficult through alternate arrangements – such as banking and asset exchange markets.

The emerging relevance of distributed systems in recent years has headlined the vulnerabilities that flow naturally from trusting centralized systems. To clarify things from the get-go:

  • With a centralized system, data is typically stored, updated, and managed through one location rather than spread out across many. When this core system is hacked, it translates to losses for all nodes and stakeholders that rely on it. For example, if a country’s central bank database is hacked into, it usually spells trouble for the economy at large – including private banks, businesses, and individual consumers.
  • With a decentralized system, data relevant to respective locations is stored and maintained independently of a central hub. This usually means damage due to a hack targeting a specific location would be largely restricted to that specific location, rather than to all nodes connected to the central system. In distributed systems, this concept is taken one step further: the same data is distributed and synchronized in several independent locations; thereby making prospects of hacking the entire system difficult and cumbersome.

With a vast majority of our information being stored on centralized servers, this leaves us open to considerable threats and manipulations – all our vital information might (and often does) end up in the wrong hands.

Centralized Systems: A History of Major Attacks

We have compiled a list of some notable hacks in recent years that targeted centralized systems and resulted in massive damages.

Here are some of the major ones that caused the most furor and harm. 

  1. Citibank – 1995

The amount of exposure electronic transactions have was truly highlighted in this incident in 1995 when an engineer, Vladimir Levin, wired an estimated $10 million to accounts worldwide by hacking into the Citibank systems.

  1. Mafia Boy – 2000

Michael Calce, a teenager from Canada, caused massive damages to major multinational companies such as Yahoo!, Dell, and CNN by managing to freeze their operations through the infamous Mafia Boy virus. In essence, the Mafia Boy was a denial-of-service (DoS) attack which made many of the services non-responsive to input from users.

  1. Delta Airlines – 2004

In 2004, 18-year old Sven Jaschan, managed to bring down the entire IT department of Delta Airlines, understandably wreaking havoc for the organization as several transatlantic flights had to be cancelled.

  1. Operation Shady RAT – 2006

This particular incident brought to light the massive attention that espionage is getting online. The attacks led to significant damages for major defense organizations and public organizations such as the United Nations. 

  1. Mt Gox Bitcoin Exchange – 2013

A blockchain based around the distributed systems approach, Bitcoin itself is quite secure. Nevertheless, it is operated through exchanges where people are able to convert normal currency to Bitcoin. This exchange was the subject of a hack in which a whopping $460 million was stolen. This proved to be a deathblow as the exchange soon became bankrupt! 

  1. Bangladesh Bank Heist – 2016

The Bangladesh bank heist is remarkably astonishing as it managed to exploit the presumably hyper-secure SWIFT banking system. This is a global monetary transfer system, and is used extensively all over the world. The gang responsible managed to make $81 million! 

  1. WannaCry – 2017

The latest in a string of cyber-attacks – the modus operandi differs as hackers usually demand money in return for the information stolen during a hack. This is termed as ransomware. Multiple organizations in about 150 countries suffered, including the National Health Service in the UK. 

So what can be done?

In order to safeguard against security breaches, a number of ‘best practices’ are suggested for companies and service providers of all sizes. While the threat can be greatly reduced by employing all these methods, it is simply not possible to completely eradicate the threat.

  • Protect all personal and sensitive information. Be careful not to reveal it to service providers with questionable data protection practices.
  • To safeguard information, reduce the transfer of data online. Cloud-based systems may be convenient for companies, but they come with their own array of risks.
  • Downloads should be restricted, particularly on company laptops and systems which are linked to central servers where information is stored.
  • All unencrypted systems are prone to attacks, only encrypted devices should be allowed.
  • Security systems that regularly check up on firewall protection should be
  • Restrict accessibility to a need-to-know basis.
  • Employees should be educated regarding phishing emails and such. This will ensure that they aren’t opened up by mistake, bringing about serious problems.
  • Conducting regular audits and tests should be a top priority for organizations.

And here’s the big one, one that must be done on the structural level and not by individuals per se:

  • Shift to distributed systems. Blockchains have shown the potential benefits of distributed systems in overcoming the security shortcomings of centralized systems. A number of major banks, such as UBS, Banco Santander, and Credit Suisse are exploring the possibilities of the technology for both security and efficiency.

In Conclusion

There are multiple ways in which cybersecurity can be reinforced, much like walls outside a house. However, the threat always exists and new ones emerge every day. Hence, constant vigilance is really the only way out.

Reference Links

https://www.vpnmentor.com/blog/20-biggest-hacking-attacks-time/

http://bigdata-madesimple.com/15-ways-to-prevent-data-security-breaches/

https://www.forbes.com/sites/forbesfinancecouncil/2018/03/08/how-to-protect-your-business-from-a-data-breach-seven-key-steps/#369ec3fa6b68