Last month, officials in Lake City, Florida, found themselves under the thumb of Ransomware hackers. After locking up terabytes of valuable data, the hackers demanded a sum of slightly under half a million dollars for a decryption key, leading to a payment of 42 BTC.
Earlier that month, government officials in Baltimore who elected not to pay a ‘moderate’ 13 BTC ransom (worth around $75k at the time of the hack) paid a total cost of $18 million to get their system up and running on their own terms, leading to a two week blackout of essential services. Another attack in 2018 took down the city’s 911-system for a day.
In May, only a few weeks before, another Florida city was confronted with a shutdown, this time with a $600,000 price tag to be paid in BTC.
“The basic idea behind ransomware is simple: A criminal hacks into your computer, scrambles your files with unbreakable encryption, and then demands that you pay for the encryption key needed to unscramble the files. If you have important files on your computer, you might be willing to pay a lot to avoid losing them.” – Timothy B. Lee, Vox
Ransomware hacks tend to be seen as no more than selfish and horrendous acts that can affect thousands or millions of people—and give Bitcoin a bad name to boot. While this is of course a fair assessment, they also serve the important but easily overlooked purpose of publicly exposing fatal flaws in sometimes critical systems.
Hackers like these have become a controversial yet necessary part of the web ecosystem by poking holes and providing insights into vulnerabilities, similar to the role of the ethical hacker*, though the latter lacks any villainous intent.
* An ethical hacker helps identify potential threats and weak points on a computer or network. Upon bypassing the security measures, the hacker supplies their employer with the necessary information to close up gaps and improve their system.
Making room for the new
Elastos’ technology is capable of cutting the problem out at its root and renew the soil through a multi-layered architecture with the core as the Elastos Runtime, Carrier Network, and of course, secured by blockchain technology (which includes a sidechain structure that allows for near infinite scalability).
In the modern web, applications are free to access device operating systems and the internet. If a single application is compromised at any point, whether by brute force or simply a faulty line of code, there may be nothing protecting the device and data from the actions of a malicious hacker, leaving the individual or organisation open to a ransomware attack.
Within an Elastos smart web, the Elastos Runtime (part of Elastos Browser/Trinity Browser) is installed on every device. This Runtime is a virtual machine (VM) that applications run on in isolation with no direct access to both the internet and device’s OS, keeping data safe and sound as it should be.
So devices are protected, but what about the vulnerability in the transfer of information between devices? A hacker could obtain valuable information by monitoring incoming and outgoing traffic.
This is where the Carrier network comes in. By foregoing the outdated method of connecting devices through servers farms, and instead linking them directly to each other, Elastos guarantees all information stays secure as it leaves the safe environment of the VM and makes its way through the encrypted Carrier network.
The DID-chain is one of Elastos’ many incorruptible sidechains. It can be used to identify and authorise users, and adds another layer of security to the robust design. This will be the case in the much anticipated Trinity browser, which Rong Chen recently announced would have a beta in Q3.
The main chain is already backed by almost 50% of Bitcoin’s network hash-rate through the merged mining of Bitcoin’s PoW miners, and it is additionally secured through DPoS.
Have a look here for more information on Elastos’ merged mining with Bitcoin:
By combining these elements, Elastos is able to properly shield devices and the traffic between them, providing the smart web with an unprecedented level of security that includes the elimination of most hacks, viruses, and various cyber attacks (DDoS, MitM, etc.).