By Narayan Neelakantan, Co-Founder and CEO, Block Armour
Ransomware has fueled a new wave of cybercrime against organizations. While ransomware targets both enterprises as well as individuals, the former offers a far higher level of profitability. With every passing day, attackers are launching more phishing campaigns, engineering new exploit kits and releasing new variants of ransomware to target organizations and hold their data ransom.
A successful ransomware attack can not only cause businesses financial damage due to the ransom payout, but also cause significant economic losses due to the business disruption caused by locking out vital information, and subsequently, due to the negative impact on reputation leading to a loss of customers in the aftermath of an attack.
The recent rampage of WannaCry succeeded in taking ransomware out of the domain of cybersecurity and raising widespread awareness about cybercrime and how it affects not just organizations, but also individual users.
While its perpetrators only managed to collect around $100,000 in ransom, it succeeded in causing nearly $8 billion of economic losses to businesses in almost 200 countries and has now come to be known as the world’s largest cyberattack.
As more enterprises undergo digital transformation, the value of data continues to increase. While automation enables faster and more scalable operations, digital data becomes even more critical to an enterprise’s functioning.
Existing cybersecurity solutions like strong firewalls and antivirus programs could not keep WannaCry from infecting enterprise networks and systems, which went on to successfully lockout users from their data and demand ransom in Bitcoins. The need of the hour is for solutions that offer a new and evolved approach in guarding against more sophisticated cyberthreats.
Blockchain could offer a future-ready mechanism for enterprises to protect their networks and critical infrastructure from emerging cyber threats like ransomware. The WannaCry ransomware attack exploited a dated, unpatched vulnerability in Microsoft Windows to infect its users.
Over 67% of the systems infected by WannaCry ran on Windows 7 – a significantly older, but still commonly used OS. This attack illustrates how easy it is for cybercriminals to take advantage of legacy hardware, ineffective IT policies and disconnected interactions between IT and business functions within an organization.
The advantage of enabling blockchain-based cybersecurity is that even if data is accessed by legacy hardware, its decentralized nature of data storage prevents organizations from having a single point of failure, which can be targeted and attacked by hackers.
Without sensitive data being collected and maintained at a single physical location, cybercriminals would be unable to lock and hold data ransom.
In addition, blockchain offers organizations the ability to store critical data in an encrypted format, across records that are immutable and tamper-proof. Data stored in a blockchain undergoes sequential hashing to generate a unique fingerprint.
Blocks of transactions taking place within the system are linked by these hashes to ensure data integrity.
Any attempt to access or alter data stored in a blockchain is indelibly recorded, allowing organizations to not only restrict access to unauthorized users from outsider their networks but also reduce the risk of insider threats.
In addition to allowing critical data to be managed in a decentralized manner, blockchain allows for improved provisioning of digital identity and access management services. A blockchain-enabled cybersecurity solution will allow organizations to enforce tighter access controls and prevent mishandling of data by unauthorized users.
When access to sensitive data gets controlled more effectively, the threat of ransomware correspondingly becomes more controlled and manageable.
While blockchain originally emerged as a completely secure mechanism to ensure Bitcoin transactions and has made a considerable impact on the fintech space, rising sophistication and frequency of cyberthreats requires a brand-new focus on this technology from a cybersecurity perspective.
Blockchain can empower organizations by giving them the ability to enforce improved identity and access management to keep cybercriminals at bay.
About The Author
Narayan Neelakantan is the Co-Founder and CEO of Block Armour – an India-based startup working on providing next-gen enterprise cybersecurity, powered by blockchain technology. With over 16 years of experience in the field of Cybersecurity, IT Governance, Risk & Compliance and IT Infrastructure, Narayan is an innovative thought leader responsible for strategizing, implementing and maturing Risk Management & Cyber Security. He was previously the CISO and Head – IT Risk & Compliance with India’s National Stock Exchange (NSE) – Technology. Narayan can be reached online at firstname.lastname@example.org, https://twitter.com/BlockArmour and at our company website http://www.blockarmour.com/