Connect with us

Technology

Is blockchain a friend or foe in ransomware attacks?

Published

on

UCD assistant professor Dr Nima Afraz explores how blockchain technology could be used against cyberattacks as well as the potential danger it poses.

In light of the recent ransomware attack on Ireland’s Health Service Executive (HSE), I have examined the possible role blockchain technology can play in exacerbating but also preventing such attacks.

The race is now on between those who want to use blockchain for good and those who seek to use it to create further criminal harm.

Ransomware is an increasingly common type of cyberattack during which the victim’s computer is infiltrated and their data rendered inaccessible by encryption techniques. The victim is then forced to pay a ransom to gain access to their own data.

A ransomware attack consists of several steps:

1. Infection/breach: Hackers use an attack vector to deliver the infected software or the ‘payload’ to the victim’s device.

2. The malware spreads: The malware spreads within the victim’s network and quickly encrypts their files.

3. Negotiations begin: The attacker shows an alert on the victim’s screen or opens a communication channel with them and promises to unlock the encrypted data when the ransom is paid.

A ransomware victim’s computer screen with directions on how to pay the ransom.

A ransomware victim’s computer screen with directions on how to pay the ransom.

Ransomware supply chain

The more advanced these attacks become, the more specialisation each step requires. For instance, an advanced cryptographist capable of designing the most sophisticated multi-threaded encryption technique is not necessarily a skilled extortion-negotiator or an adept social engineer.

At the same time, a cybercrime gang will risk more danger by recruiting more people. Hence, a new concept has emerged to connect these cybercriminals without exposing them to more danger. The recent phenomenon is called ransomware-as-a-service (RaaS).

RaaS platforms are often equipped with a step-by-step process allowing the client (in this case, the attacker) to customise many aspects of the malicious software, including the attack vector, encryption method, the type of files targeted (images, PDF, or a specific file format), communication channel and messages.

A dark web marketplace ad claiming to sell a custom-made ransomware

A dark web marketplace ad claiming to sell a custom-made ransomware.

Cybercriminals’ struggle for trust

Unsurprisingly cybercriminals do not trust each other. The marketplaces on the dark web where such RaaS offerings are sold are full of reviews from opportunist novice criminals who heard about RaaS and thought they could get rich overnight, only to be scammed by other con artists.

Similarly, the victims also have good reasons not to trust the attackers, besides them being criminals. For one, according to Kaspersky, only a quarter of ransomware victims manage to fully recover their data after paying the ransom. This is simply because the attackers do not invest substantial time and money in developing the decryption tool.

Meanwhile, very often, even after receiving the ransom and exchanging the decryption keys, the greedy attackers threaten to leak the sensitive data acquired during the attack and continue blackmailing the victim.

Therefore, there is no guarantee that after paying the ransom, the victim will get all their data back.

This issue seldom goes out of the area of individual trust and becomes a public cry for legitimacy. The collective of dark web hackers has long enjoyed the Robin Hood status due to targeting big corporations and donating to charities or leaking classified data on the government and public figure corruption.

Support Silicon Republic

Like drug cartels’ popularity stunts during the pandemic, cybercriminals benefit from the ‘coolness factor’ to recruit more hackers and maintain a reputation in public opinion.

However, preventing a country’s cancer patients from accessing chemotherapy and articles such as this is not consistent with the Robin Hood stature they yearn for. This might be why the cybercriminals behind the recent ransomware attack against HSE suddenly decided to publish the decryption tool online and for free.

Where does the blockchain come in?

Although the earliest documented ransomware attack dates back to 1989, the emergence of bitcoin and other cryptocurrencies has resulted in a massive resurgence in ransomware attacks. This is mainly because these cryptocurrencies allow attackers to extort large sums of money while remaining anonymous and difficult to trace.

The bad news is blockchain technology might prove to be the missing link in the full automation of ransomware attacks. Cybercriminals have already made efforts in automating the process of customising and selling ransomware. However, the lack of trust between cybercriminals is still a barrier to the full automation of this process.

A smart contract-based RaaS supply chain could cultivate more worrying degrees of operation. For instance, the cybercriminals could agree on a smart contract where a ransomware developer would only get a commission fee and only if the ransomware is proven effective. Once an agreement is written in a smart contract format, it’s immutable and unstoppable by either party.

From human-operated to automated attacks

On the other hand, blockchain could be used by the attackers to gain the victim’s trust. Researchers have studied how blockchain-based semi-autonomous ransomware could take the scale of ransomware attacks to an entirely new level. Researchers are now studying new ransom payment paradigms enabled by blockchain technology, including the pay-per-decrypt method.

Pay-per-decrypt is designed to gain the victim’s trust by allowing them to pay separate ransom for each, or a subset of, encrypted files. This will remedy the lack of trust between a victim who, rather than a large lump sum payment with uncertainty, will pay small amounts in return for guaranteed decryption. Another advantage of pay-per-decrypt for the attacker is the additional payment options they can program into the smart contracts, such as dynamic pricing of the files.

It is not all bad news

Blockchain technology can also work as a preventative measure to disarm ransomware.

In many cases, the main problem for victims is that only one copy of their data was ever stored on the servers. If attackers target this single point of failure, it’s enough to cost a victim access to their data.

Suppose the victim was instead keeping distributed records of their data spread across multiple servers hosted by independent providers instead of a single centralised copy. In that case, they could have isolated the infected machine and recovered all the data from the other copies.

Blockchain is one of the main technologies that allow such a distributed record-keeping with multiple immutable copies of the data available on demand without relying on a central entity and, therefore, no single point of failure.

On top of that, other distributed file storage protocols such as InterPlanetary File System (IPFS) could be used in parallel to blockchain to store larger datasets.

In addition, our work on collaborative attack prevention also uses blockchain technology to incentivise network entities to share attack information with each other and potentially leading to better defence against ransomware.

By Dr Nima Afraz

Dr Nima Afraz is an assistant professor at University College Dublin and is associated with the Connect  SFI research centre in Trinity College Dublin.

Source link

Technology

2021 iPhone photography awards – in pictures | Technology

Published

on

The 14th annual iPhone photography awards offer glimpses of beauty, hope and the endurance of the human spirit. Out of thousands of submissions, photojournalist Istvan Kerekes of Hungary was named the grand prize winner for his image Transylvanian Shepherds. In it, two rugged shepherds traverse an equally rugged industrial landscape, bearing a pair of lambs in their arms.

Source link

Continue Reading

Technology

With Alphabet’s legendary commitment to products, we can’t wait to see what its robotics biz Intrinsic achieves • The Register

Published

on

Alphabet today launched its latest tech startup, Intrinsic, which aims to build commercial software that will power industrial robots.

Intrinsic will focus on developing software control tools for industrial robots used in manufacturing, we’re told. Its pitch is that the days of humans having to manually program and adjust a robot’s every move are over, and that mechanical bots should be more autonomous and smart, thanks to advances in artificial intelligence and leaps in training techniques.

This could make robots easier to direct – give them a task, and they’ll figure out the specifics – and more efficient – the AI can work out the best way to achieve its goal.

“Over the last few years, our team has been exploring how to give industrial robots the ability to sense, learn, and automatically make adjustments as they’re completing tasks, so they work in a wider range of settings and applications,” said CEO Wendy Tan White.

“Working in collaboration with teams across Alphabet, and with our partners in real-world manufacturing settings, we’ve been testing software that uses techniques like automated perception, deep learning, reinforcement learning, motion planning, simulation, and force control.”

Tan White – a British entrepreneur and investor who was made an MBE by the Queen in 2016 for her services to the tech industry – will leave her role as vice president of X, Alphabet’s moonshot R&D lab, to concentrate on Intrinsic.

She earlier co-founded and was CEO of website-building biz Moonfruit, and helped multiple early-stage companies get up and running as a general partner at Entrepreneur First, a tech accelerator. She is also a board trustee of the UK’s Alan Turing Institute, and member of Blighty’s Digital Economic Council.

“I loved the role I played in creating platforms that inspired the imagination and entrepreneurship of people all over the world, and I’ve recently stepped into a similar opportunity: I’m delighted to share that I’m now leading Intrinsic, a new Alphabet company,” she said.

The new outfit is another venture to emerge from Google-parent Alphabet’s X labs, along with Waymo, the self-driving car startup; and Verily, a biotech biz. ®

Source link

Continue Reading

Technology

Charles River to create 90 new jobs at Ballina biologics site

Published

on

Charles River is expanding its testing capabilities in Ballina as part of its partnership with Covid-19 vaccine manufacturer AstraZeneca.

Contract research organisation Charles River Laboratories is planning an €8m site expansion in Ballina to facilitate batch release testing for Covid-19 vaccines from AstraZeneca.

The expansion at the Mayo site will create an additional 1,500 sq m of lab space and 90 highly skilled jobs in the area over the next three years.

Click here to check out the top sci-tech employers hiring right now.

The company provides longstanding partners AstraZeneca with outsourced regulated safety and development support on a range of treatments and vaccines, including testing and facilitating the deployment of Vaxzevria for Covid-19 and Fluenz for seasonal infleunza.

The latest investment follows earlier expansions at the Ballina site and Charles River recently announced plans to establish a dedicated laboratory space to handle testing of SARS-CoV-2 and other similar pathogens that cause human disease.

“We are incredibly proud of the transformational changes we have implemented on site and the role that Charles River has played in supporting the safe and timely roll-out of AstraZeneca’s Covid-19 vaccine,” said Liam McHale, site director for Charles River Ballina.

“Throughout the pandemic, our site remained fully operational while keeping our employees safe and having a positive impact on human health. Our expanded facility will provide us with the increased capacity needed to continue the essential services we provide to our clients.”

Charles River acquired the Ballina facility, which focuses on biologics testing, in 2002. The company employs 230 people at its two facilities in Ireland, including the Mayo site and a site in Dublin, established in 2017, which serves as the EMEA and APAC headquarters for the company’s microbial solutions division.

IDA Ireland is supporting the expansion. Mary Buckley, executive director of the agency, said Charles River is an “employer of long standing” in Co Mayo.

“The enhancement of its product lines and the development of additional capability at the Ballina facility is most welcome,” she added. “Today’s announcement is strongly aligned to IDA Ireland’s regional pillar and its continued commitment to winning jobs and investment in regional locations.”

Dan Wygal, country president for AstraZeneca Ireland, added: “Our Covid-19 vaccine, Vaxzevria, undergoes extremely robust safety and quality testing prior to becoming available for patients. We are committed to bringing safe, effective vaccines to Ireland and other markets as quickly as possible, and Charles River will continue to be an important partner in this regard.”

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!