Acronis Cyber Protection Week: Anti-ransomware, blockchain-based capabilities

In recognition of Acronis Cyber Protection Week 2023

Ransomware has become the new cash cow for cybercriminals, handing them an estimated $1 billion in revenue every year. Businesses fall victim to a ransomware attack every 40 seconds. This data highlights the prevalence of ransomware amid the digitization boom.

The wide implementation of blockchain added salt to an already-existing wound, with cybercriminals leveraging the anonymity that blockchain provides. This has led to a hydra-headed issue for many organizations — ransom fees, loss of business files, lost productivity, litigation fees, regulatory sanctions, IT costs, and reputational damage.

This post will explore the topic of ransomware, the inadequacy of current solutions to counter it, and how, ironically, blockchain has emerged as the best hope for organizations to ensure data authenticity and combat cybercrime.

Using ransomware, cybercriminals seize access to an organization’s database, demand a ransom, and threaten to delete the organization’s data or release it to the public if the ransom is not paid. Methods of implementing ransomware include social engineering attacks, such as phishing emails, SMS texts, or pop-up ads to gain access to an organization’s IT environment. Hackers can also use the remote desktop protocol (RDP) and other approaches that require zero user interaction.

Examples of ransomware include encryptors that encrypt files and render them inaccessible without a key, lockers that restrict access, doxware or leakware that threatens to expose an organization’s sensitive information, and ransomware-as-a-service.

Ransomware-as-a-service (RaaS) is an emerging cybercrime model where a non-tech person can distribute the malware, and the developer gets his cut of the loot once a successful hack is completed.

Anti-ransomware tools seek to help organizations prevent ransomware attacks and recover from successful ones using specialized technology and training. Traditional anti-ransomware solutions include firewalls and antivirus software, as well as the implementation of strong passwords. Modern anti-ransomware tools are ML-based and scan for ransomware indicators, such as anomalies in email headers, domain similarity, and strange language in the body of emails.

Both traditional and modern anti-ransomware solutions pose certain challenges. For one, they rely on signature-based detection to identify known ransomware variants, but this method is ineffective against new and unknown ransomware variants. Additionally, current solutions sometimes result in false positives and false negatives.

Since ransomware attacks rely on data and access forgery, organizations must improve their systems to preserve data authenticity. Blockchain is one potent way to improve these systems.

Effective cyber protection constitutes a synergy between cybersecurity and data protection. An efficient anti-ransomware solution must align with its five critical stages—prevention, detection, response, recovery, and forensics. Of the many new anti-ransomware approaches, using blockchain’s decentralized, distributed ledger has garnered the most attention thus far. Blockchain records transactions as encrypted data across a network of computers; this data, encrypted via hash functions or asymmetric-key algorithms, cannot be deleted or altered.

A hash function is the creation of blocks coded with a collection of hash values whenever a transaction occurs in the blockchain. Every subsequent transaction is encrypted with the hash value of the previous block's header using an encoded timestamp. This way, every block is linked to the first block, and the links are immutable because they are created with unique information from each block.

Asymmetric encryption creates a pair of keys, private and public, randomly generated. While the public key is transferable through unsecured channels, the private key is only available to the user.

The decentralization and encryption features of blockchain have proven to be potentially useful anti-ransomware technologies going forward, especially due to its ability to help preserve data authenticity.

When it comes to data authenticity, there are a couple of key benefits blockchain offers.

In the conventional system of centralized storage, when data is entered, it is transmitted to the terminal systems where the user has little control over its fate. This leaves a vulnerability gap that cybercriminals can exploit.

Blockchain has decentralized storage, making it difficult to exploit. Even if one part of the network is compromised, the rest of the network remains secure, preventing attackers from gaining access to sensitive information or causing widespread damage. Exploitation is only possible through social engineering or the collapse of individual blocks, and the latter is even easily detected by living nodes. This does not imply a weakness in blockchain technology. It infers that the IT team only has to address the compromised node by restoring it to its previous version or by cutting the node out from the network.

Blockchain’s tamper-proof and secure digital transaction record can help prevent the spread of ransomware and other cyberthreats. The data records can only be altered via automated systematic actions and events triggered only when certain conditions are met.

To ensure interdependency between all components of your organization’s cyber protection framework, choose a blockchain-aware solution provider that easily integrates with existing security tools and systems, such as firewalls, intrusion detection systems, and endpoint protection.

Blockchain-based anti-ransomware is still novel and evolving, but it could be the ultimate solution to all forms of data hijacking and access forgery. IT professionals and security experts must stay ahead of the curve by keeping up-to-date with the latest developments in blockchain technology and exploring ways to leverage it in cyber protection.

Further research is required to explore the feasibility and effectiveness of blockchain-based security solutions, as well as their scalability and interoperability with other security systems. Additionally, there is a need to investigate the potential ethical and legal implications of using blockchain, including when it comes to data privacy, transparency, and accountability.

Acronis is well known as a pioneer in cyber protection. Its next-generation email security and data backup products feature blockchain-based notary/data authenticity. Our state-of-the-art sophisticated threat intelligence nips ransomware before any damage is done.

Give it a try today.