The Rise in Ransomware: Here's How to Fight It

Crypto and blockchain communities are working together to combat ransomware by educating their users and the public.

PR Image Factory
PR Image Factory/stock.adobe.com

Incidents of ransomware have skyrocketed, increasing 485% globally in 2020 compared to the previous year, according to cybersecurity firm Bitdefender. However, many attacks go unreported to authorities because disclosing to the world "we've been hacked" can damage even the best company reputation.

Cyberattacks have been around for decades, but the most recent attacks on major healthcare facilities, food manufacturers, educational institutions and investment firms have opened the world's eyes to the prevalence of ransomware. Every country, government, industry and organization with an online presence is vulnerable to a ransomware attack. Unlike crypto-jacking (which even the least skilled hackers can maneuver), ransomware is more destructive and involves extensive research, plotting and technical expertise.

Further compounding the issue is the overwhelming number of ransomware attacks demanding payment by cryptocurrency. Crypto is becoming the "go-to" payment demand for hackers today because payment is quick and reliable. Victims want access restored to their systems as soon as possible, so hackers demand bitcoin instead of a wire transfer or payment that can take hours or days to process.

Unlike ransom demands using traditional currency that banks and processing companies can halt, the crypto market doesn't have similar regulatory oversight. Therefore, criminals can forgo banks' know-your-customer processes. And because it's digital, crypto is quickly and easily transferred by hackers worldwide.

However, it's not all doom and gloom. Because all crypto transactions are recorded on a blockchain's ledger, there are tools in place today to mitigate attacks and make reported ransomware traceable. While these tools help law enforcement track transactions, recover assets and identify hackers, they do not eliminate the overarching ransomware problem. What's more, many hackers and cybercriminals leverage the dark web, which severely hinders traceability and recovery.

There are ongoing debates among leading global government agencies, investors, blockchain providers and crypto enthusiasts as to how we can work together to prevent ransomware. Proposals include banning ransomware payments, making cryptocurrency illegal and requiring companies to immediately disclose ransomware attacks. While these approaches cut off hackers' cash supplies and prevent companies from handing over their money, the impact on individuals with crypto investments, as well as crypto companies themselves, would prove devastating. Regulating the cryptocurrency space and/or restricting certain exchanges will make it more difficult to process transactions and help with detection; however, hackers will simply find other ways to obscure and hide transactions such as privacy wallets.

In my work with proofchain protocal in the blockchain security space, the question we ask is, how can we eliminate ransomware so that we may finally begin to understand the enormous potential of blockchain and crypto technology? The answer lies in the very blockchain that's being used against us.

There are two main reasons that ransomware attacks succeed. The first focuses on state storage or how data is stored on a blockchain. Leading blockchains house their data and transactions on a single, common centralized ledger. On this centralized network, transactions are pooled together in "blocks" that are organized sequentially, and each one must be secured independently. Each block has a limited number of transactions and must rely on the other to validate a transaction. As usage grows, the ledger grows, which causes transactions to slow. All data is replicated across all nodes on a centralized blockchain, leaving it exposed to ransomware attacks. A user's transaction data can be potentially exposed to everyone in the network, raising privacy and security concerns beyond an external security breach.

Decentralizing the blockchain — and thereby the storage of all proofs and data — is the first step to eliminating ransomware. This approach eliminates a centralized server and allows for peer-to-peer transactions to occur in parallel, asynchronously and on chain. Transactions scale independently from one another and with the size of the network while preventing user data from exposure internally amongst other users and externally to hackers. A true peer-to-peer network means users control their data and transactions; there are no supernodes, clusters or other third parties involved. I believe many experts in the crypto and blockchain world agree decentralized blockchains are our best defense against ransomware. Unfortunately, most are not yet ready for market.

The second reason ransomware succeeds is because of numerous security flaws found within the blockchains themselves. Hackers leverage passwords and keys to ultimately crack the very cyber defenses intended to keep users safe. Eliminating ransomware requires eliminating passwords and keys. The 2021 IBM Cost of a Data Breach Report concluded that companies adopting a zero-trust security model were better positioned to handle data breaches. Zero-trust, passwordless digital identities and biometric authentication technologies protect users, their data, their transactions and their investments. Additionally, QR codes and digital rights management (DRM) technology allows users to secure, authenticate and prove ownership of their digital and tangible assets while allowing them to sell, rent or license their assets for monetization. The ability to split and store private keys further enhances security for users.

Decentralized, peer-to-peer blockchains are the best way to build enterprise applications because of their ability to scale quickly and offer zero trust and selective disclosure. Their assets — and identity — are inaccessible and untouchable. By 2022, Gartner projects that "60% of large and global enterprises, and 90% of midsize enterprises, will implement passwordless methods in more than 50% of use cases," which will prove instrumental in helping prevent cyberattacks.

Crypto and blockchain communities are working together to combat ransomware by educating their users and the public. While I have seen a rise in the popularity of cryptocurrencies, crypto exchanges and digital assets (particularly in sports, art and entertainment), many people remain uncertain as to how this industry works, let alone how it can positively impact their everyday lives. Education is critical to helping governments, enterprises and communities recognize the improved efficiencies blockchains offer as a safe, secure and effective way to conduct business and promote participative capitalism.

Blockchains have the power to reinvent global commerce and transform how data is shared across industries, companies and people around the world. Eliminating ransomware is the first step in this transformation.

The Newsweek Expert Forum is an invitation-only network of influential leaders, experts, executives, and entrepreneurs who share their insights with our audience.
What's this?
Content labeled as the Expert Forum is produced and managed by Newsweek Expert Forum, a fee based, invitation only membership community. The opinions expressed in this content do not necessarily reflect the opinion of Newsweek or the Newsweek Expert Forum.