The blockchain is often seen as a technology that is capable of liberating many sectors from middlemen, decreasing the operating costs and improving transparency and security in the relations between the market participants. But would the technology of decentralised ledger help to overcome one of the greatest challenges of the modern world, the secure storage of personal data?
The year 2017 beat the records in leakage of personal data as a result of cyberattacks and vulnerabilities in the storage systems. According to Gemalto, a company that works in the field of cyber security, 1.9 billion records were compromised in the first half of 2017, more than during the whole year 2016 (1.37 billion). Approximately 10.4 million records leak to the Internet daily. According to the Russian company InfoWatch, the figure is much higher – 7.78 billion records in the first half of 2017.
One of the greatest thefts of last years was the hacker attack against Uber. In October 2016, the cyber criminals managed to steal the data of 50 million Uber users and 7 million Uber drivers. Names, email addresses, mobile phone numbers, driving permit numbers were stolen. According to some users, their accounts were hacked, and they received invoices for journeys they had never made. Back then, the media reported that Uber had to pay $100,000 to a hacker in order to retrieve the personal data of its users.
Every minute, gigabytes of information are generated in the world. The data volume is growing with such a tremendous pace that the companies outsource the storage of information to other services increasingly often. The most popular of these services are cloud storages. Amazon, Microsoft, IBM and Google became leaders in this field, controlling 60% of the whole cloud storage market (Infrastructure-as-a-Service, IaaS). The cloud storage is the quickest growing segment of all the cloud services. In 2017, the cloud market storage, according to preliminary assessments, grew 36.8% to reach $34.6 billion, and by 2020 it will reach $71.6 billion. But how secure are those services?
One of the most striking examples of vulnerability of existing data storage systems is the leakage of celebrity photos from the iCloud service in 2014. Back then, the hacker stole naked photos of Hollywood celebrities including Jennifer Lawrence (the lead actress of the film Hunger Games), Ariana Grande (actress and singer), Kirsten Dunst (actress), Selena Gomez and Avril Lavigne (singers) – in total, the list included more than a hundred names – and uploaded these photos to the Internet.
The fundamental vulnerability of the existing data storage systems is their centralisation. Whether on private servers or at the cloud storage from market leaders, the information is still concentrated in one place, which increases the probability of leakage and theft as a result of targeted hacker attacks or administrator’s mistakes when regulating the access to the cloud storage area.
“Commercial and state services process the ever growing quantity of data electronically, and such data is very liquid,” stated Sergei Khairuk, the analyst of the InfoWatch Group of Companies when presenting a report about the data leakages in 2017. – “The high-tech sector is very much subject to information leakages, as well as the financial sphere. These fields enjoy the special interest of criminals who deliberately compromised the majority of data pertaining to these sectors. And these are the very spheres that serve as drivers of the digital economy so its development makes it necessary to give a special attention to the questions of regulation and information security of the processes of digital transformation.”
A possible answer to the challenge can be given by the decentralised data storage platforms. Over the last years, a number of large-scale projects emerged that develop such services – Filecoin, Storj, Sia and others. Some projects are oriented towards the storage of files sent by common users, others target businesses. The increased market demand demonstrates that such platforms are needed: the Filecoin project became one of the largest crowdsales of 2017, raising more than $257 million during the initial coin offering. However, so far no platform could win a major share of the market.
When launching a decentralized storage, a significant problem is the architecture of such a solution, explains Artem Koltsov, the founder of the Casper API, a blockchain data storage for decentralised applications. He believes that a shortcoming of most of such projects is a tendency to create one’s own blockchain, as in cases of Sia and Storj, or develop a platform based on an already existing blockchain (the case of Swarm), whereas in the future the decentralised applications will be based on different blockchain ecosystems. That is why, when designing the future decentralized repository, the Casper team decided, instead of trying to create and popularise their own blockchain, to develop a universal solution that can be deployed on any blockchain, be it the Ethereum ecosystem popular among the developers or its possible future competitors such as NEO, Qtum or Lisk.
The main advantage of decentralized storage is the ability to distribute data in an encrypted and fragmented manner between random community participants. Thus, data owners can withstand targeted hacker attacks, as cybercriminals, even if they find a breach in the security system, are unlikely to have access to the necessary information in full, and the encryption will transform their booty into a meaningless set of codes.
Another advantage of decentralised storage that should be taken into account is the reduction of data storage expenses. While the cost of storage of 50 terabytes of information with the largest player of the cloud service market, Amazon, amounts to $16,500 ($0.33 for 1 gigabyte), it is many times cheaper with decentralised storages. For instance, in the case of Casper, the storage of 50 terabytes will cost the user approximately $5,445.
Blockchain developers are positive that, similarly to the case of banking institutions, the blockchain may free the market of unnecessary middlemen.
“I see huge parallels between existing cloud storage infrastructure and existing financial infrastructure,” declared Zach Herbert, one of the authors of the Sia project. “Both rely on trusted third parties. Both could be more efficient and more affordable. Both will be replaced with blockchains.”
Koltsov adds that the blockchain-based applications (DApp) cannot be considered as quite decentralised without a decentralised storage.
“The decentralisation of the information storage market will not only help to fight leaks,” he believes. “Decentralised storages will help DApps to become truly independent from corporations and state authorities. If we want to see a rapid development of decentralised applications, it is vital to solve the issue of the decentralized data storage.”