UCD assistant professor Dr. Nima Afraz talked about how cyber attacks could be prevented by blockchain technology as well as how it could be used to create smart contract-based ransomware.
Blockchain Tech Could Enhance Ransomware Attacks
The rise of blockchain and cryptocurrencies has resulted in a growing surge of ransomware attacks globally. The untraceable nature of cryptocurrencies like Bitcoin has paved the way for cybercriminals to extort large amounts of money without leaving a trail. Additionally, blockchain technology could be used to fully automate these ransomware attacks and navigate the lack of trust between cybercriminals. For example, the terms of the agreement could be converted to a smart contract format to ensure that all parties operating the attack keep up with their end of the bargain. Because of the mechanics of blockchain technology, a smart contract agreement is immutable and unstoppable by anyone. Thus a smart contract-based RaaS (ransomware as a service) supply chain could make these cybercriminals much more efficient.
Ransomware Attacks Scaling Up With Pay-Per-Decrypt
Blockchain-based semi-autonomous ransomware can scale up cyber attacks by introducing the pay-per-decrypt method. Instead of demanding a huge lump sum payment, attackers can instead ask for small amounts in return for guaranteed decryption. This method ensures payments as victims are more likely to pay smaller installments to decrypt specific files instead of the entire ransom amount in one go. Plus, the attackers can introduce additional payment options into the pay-per-decrypt smart contracts, such as dynamic pricing of the files.
The Other Side Of The Coin: Blockchain Can Be Preventative
Because of its decentralized nature, blockchain technology can also be used to demobilize ransomware attacks. Most of these attacks are possible only because a single centralized copy of the victims’ data is stored in their servers. As a result, it is easier for attackers to target this single point of failure and even lock victims out of their servers. Blockchain technology can enable distributed record-keeping of data spread across multiple servers hosted by independent providers, thus eliminating a single point of failure. Even if an attack happens on any one data source, it can be isolated while recovering data from the other copies.
Collaborative Defense Using Blockchain Tech
Dr. Afraz also referred to the research conducted by herself and others on the role of blockchain in putting up a collaborative cyberattack defense mechanism. The research paper proposes a secure distributed model based on blockchain technology that can be used to assure tamper-proof record-keeping. Another component of the model is smart contracts that can guarantee immutable logic to facilitate cyber threat intelligence sharing among diverse participants. The proposed model is based on the open-source blockchain platform - Hyperledger Fabric.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.