Is Blockchain The Answer To Rampaging Ransomware?
The past couple of decades have seen a titanic shift in the world — a shift which many agree has affected and will continue to affect the human civilization in fantastic ways. Led by digital technologies, this shift has made the world flat, creating new synergies, business models, and opportunities. However, like every coin, there are two sides to this digital world.
A Ruined Monday!
Imagine this scenario: It’s a quaint Monday morning, and you are busily tapping away at your computer. Suddenly your device which has been dependable so far, thanks to a hard-working IT department, stops working.
Surprised, you look around and discover that you are not the only one in this predicament. All around the office, people are leaning back from their systems, confused. You turn back to your system and see a note emblazoned across the screen “Your files are now encrypted by ransomware. Pay $200 in bitcoin to Wallet ID XXXXXXX to unlock this PC”.
The stuff of nightmare of most organizations, this situation has the potential to bring business to a standstill, and cause massive damage in terms of money and reputation.
Unfortunately, ransomware attacks are becoming an all too common occurrence over the past couple of years.
From WannaCry which infected 300,000 computers and crippled hundreds of organizations in 2017, to the malicious Ryuk, which raked in millions by targeting organizations that had a particularly low tolerance for downtimes, ransomware has emerged as a serious threat for businesses and individuals connected to the internet.
In 2017 alone, businesses faced financial damages to the tune of $75 Bn. What’s even more worrying, is the fact that almost 3 quarters of affected companies were running up to date endpoint protection.
While the number of companies being affected by ransomware has come down over the past two year due to a better understanding of the threat, ransomware remains as dangerous as ever. What makes ransomware particularly dangerous, is the fact that they have a virulent spread and can infect the whole organization, through emails and file transfers before any preventive steps can be taken.
The attacks can start from unexpected sources: Something as simple as opening a particular email, downloading an attachment, or even visiting compromised websites could cause your system to be infected.
Other attack vectors include malvertising, instant messaging, phishing, etc.
Once a system is compromised, it’s only a matter of time before the rest of the network is affected as well. The virus analogy can be taken a step further here: Ransomware evolves very frequently, making combating them through regular means a difficult proposition.
Seeking The Answer In The Question
In a rather ironic twist, however, blockchain has emerged as a potential answer to the question of protecting storage, data, and systems from ransomware.
The situation is ironic because in cases of ransomware attacks, payment must be made to the culprits (hence the “ransom” in the name) in order to receive the code that will disable the ransomware and re-enable your access to your system/data/storage. And typically, the payments must be made in bitcoin or some other blockchain-based mode of payment!
Coming back to how Blockchain can help you guard against ransomware, blockchain solutions are based on the public, distributed ledger technology under which every single system connected to the network can store unique hash/signatures associated with your files.
A hash is basically nothing but a mathematical function used as part of Blockchain. The function is used to generate a transaction history that can be leveraged to confirm the validity of transactions and to quickly corner out and isolate any suspected occurrences that could be primary signs of a potential ransomware attack.
Any changes made to the database are communicated to all these systems, which must then verify and sanctify them. This system of storing information ensures that there is no way to alter information without causing an alert.
In other words, making alterations to data without causing alarm is nearly impossible because of the immutability of the blockchain fabric. And since all systems are intimately connected through the ledger, any changes made to data on one system will instantly cause an alert that will allow the organization to take preventive steps such as isolating the affected system to prevent further spread of the ransomware file, either accidental or intentional.
Finally, blockchain can be used to limit sources of input to ensure that the only input to the system is from very trusted mediums. Since ransomware needs to be injected from the outside, this would have the effect of limiting the potential attack pipeline and this decrease the chances of your system, or your organization’s system being affected by ransomware.
Another factor in favor of implementing Blockchain to ward off ransomware attacks is the nature of typical victims. Ransomware typically targets institutions like hospitals and financial institutions, which heavily rely on peer to peer transactions. In healthcare, for instance, there are multiple stakeholders and technology involved which interact with and share patient data.
And Blockchain is nothing but a ledger that draws upon the benefits of a decentralized distributed system of transactions, making it a perfect solution for protecting the typical victims of ransomware attacks.
Implementing Blockchain Can Be Hard, But Worth It!
In view of everything we have discussed above, the onus is to find a technology or technologies, that can permit a more distributed, decentralized storing and access to data. And Blockchain fits this bill perfectly.
To take a use case, you can easily structure your Blockchain based systems in a manner that allows you to save documents or block signatures on the blockchain rather than sharing the entire block or file. This guarantees an unprecedented level of security by ensuring that any changes to the file will be instantly visible since the associated signature will be rendered invalid.
To take another example, sensitive data — for example, data from healthcare or finance domain — that is often targeted by hackers can be protected by using Blockchain as a standard. By using Blockchain, the data can be rendered all but useless for hackers even if they manage to somehow steal it since it can not be unlocked or decrypted without the appropriate keys.
Blockchain can also be used to cut-off malware attacks at one of their major sources: That is via downloads and updates. Through the use of technology, a unique hash or signature can be assigned to updates or downloads. Users can then compare the hash on the package or file they are downloading to the hash published by the developer. If they match, the file is safe to download since any changes made to it, by say a nefarious agent who wants to replace it with malware, will render the hash/signature useless.
What’s more, this also gives the users a decentralized path to storing and transacting data that does not force them to rely on and trust central authorities or institutions like Facebook, Google, Amazon, eBay or financial institutions like banks.
Finally, new applications for Blockchain technology are being discovered every day. For instance, there is ongoing research into using the power of the network, which is what Blockchain is all about, to guard against DDoS attacks. This can be done by allowing users/devices/networks coming under attack to quickly join other distributed networks that can augment their security.
Instead, a digital ledger of transactions is maintained with every computer having a complete copy of the data. This lack of a single authority makes the system fairer and considerably more secure.
To conclude the article, lack of a single point of failure, strong support for peer-to-peer, decentralized, distributed transactions, immutability, and rapid alert across the chain in case of changes being made to any data all make Blockchain a strong candidate for defending against ransomware attacks. With all that said, transitioning to any new technology is hard and Blockchain is no exception.
Along with the difficulties involved in moving to a decentralized system, ensuring regular updates, etc. would also be required to make Blockchain successful within your organization. Also, Blockchain does not make backups redundant. Being at its essence a ledger of a chain, Blockchain does not keep the file itself. So in the case where a malicious hacker deletes the files you were protecting, Blockchain will only let you know when and by whom, the changes were made. As such, you will need to combine them with backups (Original+Latest, or Original+Yearly backups) to get the most bang for your buck. However, deploying Blockchain would make it easier for you to manage and oversee the storage and compute within your enterprise, and better guard against ransomware and other, similar business-crippling threats.
I leave you with a final image, depicting a prediction made about Blockchain and potential market value of the technology in the near future. Meanwhile, you can learn more about Blockchain and how it is changing businesses across the globe, by following me on Twitter and LinkedIn.