We are losing the cybersecurity war. In 2015, over 21.5 million federal employees and contractors – just about anyone who got a U.S. federal security clearance outside of the CIA – received a notification that their Social Security Number and personal information had been stolen from their Office of Personnel Management (OPM) files. When seeking a government security clearance, you have to fill out a very detailed personal information form, an SF-86. All of those are now in the hands of parties unknown.
Adding insult to injury, scammers latched on to this latest data disaster and sent out fake notification letters and emails, leading to further data breaches. Experts have suggested that this OPM hack, the DNC email hack, and the Sony hack, are the results of state-sponsored cyberwarfare.
After decades of cybersecurity efforts, even the US government's "secure" files aren't safe. Forget it if you are a customer of Ashley Madison, or Target, or Anthem. Better cryptography alone isn't the answer. The analogy is that you are making harder and harder walls, which is great as far as it goes, but when someone penetrates them, they still have access to all of your data behind the walls.
What's more, improving security typically comes at the cost of more data silos, making it harder to share information. This runs counter to the fact that data is more useful when shared. The absence of good data sharing is visible every time you have to fill out the same information on medical paperwork when you go from one doctor to another or one clinic to another.
We are arguably at a place of crisis.
The good news is that, thanks to the rise of popularity of distributed ledger technologies (like blockchain), and data management methods such as secure multiparty computation and secret sharing, we now have a potential solution.
The first part of the solution, OPAL (Open Algorithms), inverts the traditional paradigm. Instead of bringing the data to the code, we're bringing the code to the data. No longer do we consolidate different data sources to get to an interesting answer. Instead, we distribute the code to the various pieces of data, which reduces the attack surface for hackers. The French government has funded our early work in developing OPAL.
The second part, ENIGMA, breaks up data into thousands of small pieces, encrypts each piece, and scatters them. Even if you could hack one node on the network, you'd just get a data fragment. Even better, you can perform computations on the encrypted data fragments. When combined with OPAL, you can now transform and gain use out of data while dramatically improving its security. Corporate collaborators are underwriting our efforts to implement ENIGMA as an open source code project.
OPAL/ENIGMA, and techniques like it, promise to deliver new weapons to the war on cybercrime — while making all of that data significantly more useful for society.