Ransomware has become the new cash cow for cybercriminals, handing them an estimated $1 billion in revenue every year.
Businesses fall victim to a ransomware attack every 40 seconds. This data highlights the prevalence of ransomware amid the digitisation boom.
The wide implementation of blockchain added salt to an already-existing wound, with cybercriminals leveraging the anonymity that blockchain provides. This has led to a hydra-headed issue for many organisations — ransom fees, loss of business files, lost productivity, litigation fees, regulatory sanctions, IT costs, and reputational damage.
This post will explore the topic of ransomware, the inadequacy of current solutions to counter it, and how, ironically, blockchain has emerged as the best hope for organisations to ensure data authenticity and combat cybercrime.
What is ransomware?
Using ransomware, cybercriminals seize access to an organisation’s database, demand a ransom, and threaten to delete the organisation’s data or release it to the public if the ransom is not paid. Methods of implementing ransomware include social engineering attacks, such as phishing emails, SMS texts, or pop-up ads to gain access to an organisation’s IT environment. Hackers can also use the remote desktop protocol (RDP) and other approaches that require zero user interaction.
Examples of ransomware include encryptors that encrypt files and render them inaccessible without a key, lockers that restrict access, doxware or leakware that threatens to expose an organisation’s sensitive information, and ransomware-as-a-service.
Ransomware-as-a-service (RaaS) is an emerging cybercrime model where a non-tech person can distribute the malware, and the developer gets his cut of the loot once a successful hack is completed.
Anti-ransomware solutions
Anti-ransomware tools seek to help organisations prevent ransomware attacks and recover from successful ones using specialised technology and training. Traditional anti-ransomware solutions include firewalls and antivirus software, as well as the implementation of strong passwords. Modern anti-ransomware tools are ML-based and scan for ransomware indicators, such as anomalies in email headers, domain similarity, and strange language in the body of emails.
Both traditional and modern anti-ransomware solutions pose certain challenges. For one, they rely on signature-based detection to identify known ransomware variants, but this method is ineffective against new and unknown ransomware variants. Additionally, current solutions sometimes result in false positives and false negatives.
Since ransomware attacks rely on data and access forgery, organisations must improve their systems to preserve data authenticity. Blockchain is one potent way to improve these systems.
Blockchain technology and cyber protection
Effective cyber protection constitutes a synergy between cybersecurity and data protection. An efficient anti-ransomware solution must align with its five critical stages—prevention, detection, response, recovery, and forensics. Of the many new anti-ransomware approaches, using blockchain’s decentralised, distributed ledger has garnered the most attention thus far. Blockchain records transactions as encrypted data across a network of computers; this data, encrypted via hash functions or asymmetric-key algorithms, cannot be deleted or altered.
A hash function is the creation of blocks coded with a collection of hash values whenever a transaction occurs in the blockchain. Every subsequent transaction is encrypted with the hash value of the previous block’s header using an encoded timestamp. This way, every block is linked to the first block, and the links are immutable because they are created with unique information from each block.
Asymmetric encryption creates a pair of keys, private and public, randomly generated. While the public key is transferable through unsecured channels, the private key is only available to the user.
The decentralisation and encryption features of blockchain have proven to be potentially useful anti-ransomware technologies going forward, especially due to its ability to help preserve data authenticity.
Blockchain and data authenticity
When it comes to data authenticity, there are a couple of key benefits blockchain offers.
Decentralised storage
In the conventional system of centralised storage, when data is entered, it is transmitted to the terminal systems where the user has little control over its fate. This leaves a vulnerability gap that cybercriminals can exploit.
Blockchain has decentralised storage, making it difficult to exploit. Even if one part of the network is compromised, the rest of the network remains secure, preventing attackers from gaining access to sensitive information or causing widespread damage. Exploitation is only possible through social engineering or the collapse of individual blocks, and the latter is even easily detected by living nodes. This does not imply a weakness in blockchain technology. It infers that the IT team only has to address the compromised node by restoring it to its previous version or by cutting the node out from the network.
Secure digital record
Blockchain’s tamper-proof and secure digital transaction record can help prevent the spread of ransomware and other cyberthreats. The data records can only be altered via automated systematic actions and events triggered only when certain conditions are met.
To ensure interdependency between all components of your organisation’s cyber protection framework, choose a blockchain-aware solution provider that easily integrates with existing security tools and systems, such as firewalls, intrusion detection systems, and endpoint protection.
Conclusion
Blockchain-based anti-ransomware is still novel and evolving, but it could be the ultimate solution to all forms of data hijacking and access forgery. IT professionals and security experts must stay ahead of the curve by keeping up-to-date with the latest developments in blockchain technology and exploring ways to leverage it in cyber protection.
Further research is required to explore the feasibility and effectiveness of blockchain-based security solutions, as well as their scalability and interoperability with other security systems. Additionally, there is a need to investigate the potential ethical and legal implications of using blockchain, including when it comes to data privacy, transparency, and accountability.
About the Author
Alex Ivanyuk is Sr. Technology Director at Acronis. Acronis unifies data protection and cybersecurity, delivering cyber protection that solves safety, accessibility, privacy, authenticity, and security (SAPAS) challenges. Acronis offers antivirus, backup, disaster recovery, endpoint protection management solutions, and award-winning AI-based antimalware and blockchain-based data authentication technologies through service provider and IT professional deployment models. These solutions protect data, applications, and systems in any environment.
Featured image: ©tostphoto