Bitcoin Extortion and Hacked Gadgets: How Blockchain Will Repel Cyberattacks in 2020
According to the report by CipherTrace, losses to frauds and theft related to cryptocurrency amounted to $4.4 billion in 2019. As the hi-tech market develops, cybercriminals have shifted their focus from exploiting technical vulnerabilities to social engineering. Using the typical weaknesses we humans have isn’t too hard and doesn’t require special skills.
Experts see distributed ledger technology as one of the means of protection against cyberattacks in 2020.
We provide the translation of an article by Mikhail Kondrashin, technical director at the cybersecurity firm Trend Micro. He reviewed the main types of cyber threats to expect this year and the ways to avoid them.
The Threats of 2020
Trend Micro’s research shows that cybercriminal forums offer options like “Malware-as-a-Service” or “Ransomware-as-a-Service.” Anybody can use these tools to launch their own cyberattack at will.
Traditionally, the targets for cyberattacks are financial institutions and their clients. It isn’t much different in the crypto-industry. Hackers use similar techniques to steal traditional money and cryptocurrencies.
In the cybercriminal landscape of 2020 we may expect:
- More targeted ransomware attacks.
- More attacks on smart infrastructure, IoT, and industrial IoT.
- More attacks on mobile devices.
- More attacks on personal data: leaks, modification, and malicious use.
- New vectors of attack: fintech startups, including many blockchain platforms, and their clients.
Cybersecurity news feeds for the past several years have numerous mentions of account credentials being leaked or stolen. Cybercriminals use social engineering, as well as phishing letters and websites to make their victims give out logins and passwords.
One of the ways to protect your password is not to have one. There are blockchain-based platforms that allow you to do just that, such as Civic and HYPR. Civic is a digital identity management platform that protects users’ personal data against theft and identity fraud. HYPR is an authorization platform and a package of biometric systems protecting mobile and desktop users, as well as the IoT.
A decentralized authentication platform allows organizations to work with biometric data without the risk of a server or a database with sensitive information being compromised.
Personal Data Protection
Personal data legislation is getting stricter around the world. The EU’s GDPR involves serious punishment for the companies violating its rules. In 2018 alone, the collected fines amounted to €56 million. In 2019, Marriott International and British Airways were fined €110 million and €204.6 million respectively because of personal data leaks.
Using blockchain for personal data handling allows you to keep a log of whatever is done to a piece of data in the ledger. Blockchain immutability, however, leads to complications with the right to be forgotten. The owner of personal data can ask to erase it, so companies would have to figure out how to remove the information from an immutable ledger.
Corporate Blockchains and Crypto-Exchanges Security
Attacks on blockchain platforms work similarly to attacks on any other cryptography. They exploit vulnerabilities and use social engineering. A typical example of such an attack is a phishing letter with a malicious attachment executed by an employee of a crypto-exchange or other company. This leads to cryptocurrency theft, data leaks, and other incidents.
Protection against such attacks relies on a spectrum of technical and administrative measures, as well as purpose-made solutions. For blockchain platforms, the measures include multi-signature and authentication applications for 2FA (two-factor authentication).
Neglecting smart contracts and multi-signature is considered to be one of the primary reasons behind the notorious Coincheck hack in 2018. Over $500 million in NEM were stolen in the incident. Experts note that before the hack Coincheck received letters with malware that facilitated key theft.
Supply Chain Security
Another important type of attack is the Business Email Compromise (BEC). It involves an adversary who penetrates the chain of interaction between a company and its counterparties to steal money or inflict harm in other ways.
If all such interactions are written in a blockchain or fixed with smart-contracts, attackers won’t have an easy way to get in. Moreover, blockchain allows one to check for the authenticity of products and monitor data and physical goods across the entire supply chain.
According to Gartner, in 2020, there will be over 20 billion IoT devices. In 2030, there will be 500 billion. This is a revolution going far beyond smart light bulbs, fridges, and even houses. IoT devices will be widely used everywhere from agriculture to healthcare. It is still hard to imagine all the potential applications.
It won’t take long. In a few years, the entire world will be very much interconnected and “smart.” Unfortunately, it will bring new security problems. Almost all IoT devices have vulnerabilities. Hackers might be able to control people’s cardiac stimulators, remotely disable cars, and organize large-scale DDoS attacks.
Any fault in an IoT system puts numerous devices, data, and supply chains at risk. The problems with IoT security are usually related to authentication, connection, or transaction.
A blockchain controlling data access will act as an additional obstacle for the attackers. It can prevent a vulnerable device from transmitting false information and compromising the network environment, whether it is a smart home or a smart factory.
Additionally, decentralization solves the problem with authentication server failures.
Uniquid builds a blockchain-powered cloud platform for authentication based on Litecoin. Each connected device is registered in a ledger, while each instance of granting or revoking rights is represented by a publicly visible blockchain transaction. This makes unauthorized connections and man-in-the-middle attacks difficult.
Blockchain can mitigate cybersecurity risks. Although, just like any other technology it isn’t a silver bullet against all threats.
Making distributed ledger technologies a common practice takes great effort in terms of standardization, hardware, and protocol tweaking, developing new solutions for low-performance IoT components, and creating legislation to direct the use of the technology.
We can witness the adoption of blockchain, as major corporations start using it to control supply chains, protect infrastructure, and solve all sorts of problems. But we are still at the very beginning of a long way to a safe future, powered by a global distributed ledger.
Subscribe to our Newsletter<
- Bitcoin in Cybercrime: Questionable Choice That Works
- Inbar Preiss About Women in Blockchain Industry
- Wassim Alsindi: Fiat Money Is an Experiment and Not Very Long-Lived One
- Resurrection of Altcoins Presumed Dead Is No Zombie Apocalypse but Something Else
- Is It Too Late to Buy Bitcoin in 2020? That’s Right, This Question Again
- Samson Mow: Bitcoin Is a Way to Prevent an Orwellian Future
- Bitcoin Core Dev: Full Node Sybil Attack Problem Exists and Has No Perfect Solution
- Crypto-Exchange Founder: More Institutional Players Will Come to the Industry But Not Overnight