“Gas” has been a hot topic in the news lately. The cryptocurrency media talked about Ethereum miners’ fees. The mainstream media talked about ordinary gasoline, including a short-term shortage of gasoline on the East Coast due to an alleged DarkSide ransomware attack on the Colonial Pipeline system, which provides 45% of the East Coast’s supply of diesel, gasoline and jet fuel.
In ransomware cases, we usually see a typical cycle repeat: Initially, the focus is on the attack, the root cause, the consequences and the steps companies can take to prevent further attacks in the future. Then the focus often shifts to cryptocurrencies and how their perceived anonymity helps fuel ransomware attacks, thereby encouraging more cybercriminals to jump into the game.
However, when we look at the macro picture of cybersecurity attacks, we see some trends emerging. For example, cyber attack losses increased 50% between 2018 and 2020, and global losses exceeded $1 trillion. This is a foregone conclusion that points to the proliferation of security flaws that can be exploited.
The rise in cybercrime is also due to the availability of new, out-of-the-box malware that is easy to find on the Internet for those with little knowledge but who want to take advantage of the free cash opportunities offered by businesses. Importantly, the criminals themselves have evolved their strategies to evade defensive security tactics, techniques and procedures (TTPs) and ensure they can remain profitable. If cryptocurrency were no longer a viable payment option, attackers would almost certainly switch to a different payment approach. The idea that they would just stop attacking these organizations without crypto strains credibility.
The “root cause” of these events, if you will, is not the payment method that the criminals are rewarded with, but the security gaps that allowed them to breach the company and, of course, the fact that there are criminals out there committing these crimes.
We see this demonstrated in the ransomware trend itself (and within the DarkSide attack): the modus operandi is constantly changing. In the early days of ransomware, it was relatively simple: A cyber attacker finds a way into the business, most often through a social engineering attack like a phishing email or an insecure remote desktop protocol, and encrypts the victim’s files. The victim pays the ransom via bank transfer or cryptocurrency and in most cases receives the decryption key that is normally (but not always) used to decrypt the files. Another alternative is for the victim to choose not to pay and instead restore their files from a backup, or simply accept the loss of their data.
Cyber attack tactics
Towards the end of 2019, more companies were prepared with backup strategies to deal with these threats and were refusing to pay. Ransomware actors like the Maze ransomware group emerged, evolved and changed tactics. They began to steal data and extort money from their victims: “Pay or we will also publish the sensitive data that we stole from you.” This significantly increased the cost of a ransomware attack, effectively turning it from a business problem into a notification event. This required data discovery, even more legal advice and public scrutiny, while demonstrating the attacker’s determination to find ways around obstacles to payment. (DarkSide, believed to be the group behind the Colonial Pipeline attack, is an extortion group.) Another trend noted in the previous report is the increasingly deliberate choice of victims, seeking out those who can pay higher sums of money, as well as those who have data that they do not want to be shared publicly.
Cyber attackers will continue to develop their tactics as long as there is someone or some organization to attack. They have been doing it since the dawn of cybercrime. Before cryptocurrencies and even cybercrime, we had nighttime cash drops and wire transfers as options for anonymous payments to criminals. They will continue to find ways to get paid, and the benefits of cryptocurrencies such as financial freedom, resistance to censorship, privacy, and individual security far outweigh the downside of their attractiveness to criminals who may find them convenient. Smearing cryptocurrencies does not get rid of the crime.
It can be difficult, or even (probably) impossible, to close all security loopholes in your company. But all too often, security fundamentals like regular patching and security training, which greatly reduce the risk of ransomware, are overlooked. Let’s keep our eye on the target, the company, and not the prize, the cryptocurrencies. Otherwise we could hold fiat responsible for all other financial crimes.
This article does not contain any investment advice or recommendations. Every investment and trading step is associated with risks. Readers should do their own research in making their decision.
The views, thoughts, and opinions expressed herein belong solely to the author and do not necessarily reflect or represent the views and opinions of Cointelegraph.
Michael Perklin is the Chief Information Security Officer at ShapeShift, where he oversees all security practices for products, services and companies and ensures that they meet or exceed industry best practices. With over a decade of experience in blockchain and cryptography, he leads a team that ensures that best security practices are applied using specific cybersecurity and blockchain methodologies. Perklin is President of the Cryptocurrency Certification Consortium (C4), a member of various industry bodies, and a co-author of the Cryptocurrency Security Standard (CCSS), which is used by hundreds of global organizations.