Ransomware Takes No Prisoners

By Monica Oravcova, COO and Co-Founder of Naoris Protocol

The recent Killnet cyberattack that disrupted contact between NATO and military aircraft providing aid to victims of the Turkish-Syrian earthquake, is a clear indication that cybercriminals do not discriminate. Anyone, any company and any organisation is a target.

While ransomware was not indicated, the Distributed Denial of Service (DDoS) attack briefly shut down the website of NATO Special Operations Headquarters and disrupted communications with Strategic Airlift Capability, an organisation that relies on NATO for assistance with humanitarian airlifts.

“Computer as a Target” cybercrime like the one above, used to be a rare occurrence, as this type of attack required a high level of expertise and a number of actors working in tandem to execute. Now however, cybercriminals are collaborating, and setting up infrastructures and organisations that have all the hallmarks of legitimate companies, replete with marketing, administration, sales and human resource teams.

Ransomware as a service (RaaS) fuelling attacks

“Computer as a Tool” cybercrime however, is much more prevalent because the skill set required to execute attacks is less demanding. In these cases, the attacker relies on human error or ignorance to exploit a device or network. The statistics are alarming, phishing attacks on mobile devices make up 60% of cyber fraud and 95% of data breaches are caused by humans. Organised crime syndicates are now selling RaaS (ransomware as a service) tools to would-be hackers, it’s estimated that a ransomware attack occurs every 39 seconds, and in a recent Microsoft report the number of password attacks reached 921 attacks per second in 2022, an increase of 74% in just one year.

Attacks on such strategic and important organisations like Nato (and a host of other organisations including Royal Mail and American Airlines) should be limited to movie screens, unfortunately, the breaches are very real and the threat is growing. Best estimates predict that the financial fallout from cyberthreats in web 2 and web 3 could cause A $10 Trillion cyber damage headache by 2025.

Why the battle is being lost

According to Statista, revenue in the Cybersecurity market is projected to reach US$173.50bn in 2023 and the average Spend per Employee is projected to reach US$8.19k, so there is a lot of money being thrown at the problem.

There’s a myriad of reasons why traditional cybersecurity is failing, fundamental issues include the exponential increase in ransomware precipitated by the pandemic and the hasty shift to remote working (an increase of 148% in 2020 alone). This shift to BYOD (bring your own device) and cloud computing happened with little time to put strategies and technology in place for IoT security. Due to business revenue decreases in almost every sector during the lockdowns, IT budgets were cut and staff were culled, resulting in a skills gap, and this culminated in increased cybersecurity weaknesses.

These core issues played right into the hands of cybercriminals and they took full advantage. Innovation in cybercrime technology is as, if not more, robust than cybercrime prevention technology. Cyber criminals have funding, knowhow, time and incentive to sharpen their skills. While payouts for ransomware according to a Chainalysis report revealed that funds sent to known ransomware addresses globally fell from $765.5 million in 2021 to $456.8 million in 2022, it’s premature to celebrate. Even though there is increasing resistance to paying ransoms, there is still the sticky issue of compromised data. The hackers still have access to the data they stole and will no doubt be selling it to other nefarious actors.

Using teaspoons to dig a trench

In an increasingly decentralised and networked world, current cybersecurity solutions are no match for cybercriminals. While cybersecurity mesh architecture (CMSA) championed by Gartner is gaining traction it doesn’t go far enough.

Current cybersecurity is centralised, configuring network devices to operate in silos, all served by cybersecurity software that operates from opaque systems that can’t be audited. In essence, every new device added to a network becomes a single point of risk to the network it serves. Hackers use these weaknesses to launch their malware through phishing and smishing attacks. Given that the majority of individuals operating devices on networks are ill-informed about the dangers of ransomware installed via phishing and smishing, companies are sitting ducks for this kind of attack.

Until cybersecurity solutions are decentralised and distributed; unifying the governance of all devices so they operate in harmony, ransomware attacks will continue to rise.

The need for decentralised security is becoming more urgent, it’s estimated that global ransomware damage alone will cost $256B in 2031. With decentralised security, each device becomes a cyber-trusted validator node that monitors every other device in the network in real time, removing traditional points of failure. It monitors the system’s metadata, OS levels etc. of the devices programmes and Smart contracts (if web 3), and not the activity of the user.

In a decentralised cybersecurity environment, when a hacker interferes with code, there would be an instant alert and the device could potentially be locked out of the network, preventing the full infrastructure from being compromised. This ensures both Web2 and Web3 operate safely, bringing decentralised trust and security enforcement to centralised spaces.

Detection of risks and governance lapses in complex environments or networks, should happen in seconds, not months, which is currently the case. According to IBM, the average breach lifecycle takes 287 days, with organisations taking 212 days to initially detect a breach and 75 days to secure it.

For now, we are going to see an increase in attacks as technology is trying to understand web3 and catch up with web 2. The best defence is education – it’s vital that all employees and individuals are trained on their role in combating cybercrime. Given that 95% of all hacks are caused by human error, this would be a very worthwhile investment.

About Naoris Protocol

Naoris Protocol is the Decentralised CyberSecurity Mesh for the hyper-connected world. Our disruptive design pattern makes networks safer as they grow, not weaker, by turning each connected device into a trusted validator node. A robust Blockchain protocol that every company can use to protect against the escalating levels of cyber threat.

Devices are rewarded for trusted behaviour, fostering a secure environment. Participants earn $CYBER staking rewards for securing the network.

The more users, businesses, and governance structures that use the Decentralised Cyberecure Mesh, creating networks of networks, the stronger and more secure it becomes.

About the Author

Monica Oravcova, COO & Co-Founder of Naoris Protocol . Experienced leader with 15+ years in IT and Cybersecurity for Telco, Finance and Manufacturing, led operations and executive teams for FTSE 100 clients AT&T, IBM and Apple, managing budgets over $100M. Passionate evangelist and thought leader for women in Deep Tech.

Monica can be reached online at LinkedIn and at our company website https://naorisprotocol.com/ .