{"id":7960,"date":"2020-01-27T21:54:20","date_gmt":"2020-01-27T19:54:20","guid":{"rendered":"https:\/\/forklog.media\/?p=7960"},"modified":"2020-01-28T17:50:52","modified_gmt":"2020-01-28T15:50:52","slug":"bitcoin-extortion-and-hacked-gadgets-how-blockchain-will-repel-cyberattacks-in-2020","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/bitcoin-extortion-and-hacked-gadgets-how-blockchain-will-repel-cyberattacks-in-2020\/","title":{"rendered":"Bitcoin Extortion and Hacked Gadgets: How Blockchain Will Repel Cyberattacks in 2020"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">According to the <\/span><a href=\"https:\/\/ciphertrace.com\/q3-2019-cryptocurrency-anti-money-laundering-report\/\"><span style=\"font-weight: 400;\">report<\/span><\/a><span style=\"font-weight: 400;\"> by CipherTrace, losses to frauds and theft related to cryptocurrency amounted to $4.4 billion in 2019. As the hi-tech market develops, cybercriminals have shifted their focus from exploiting technical vulnerabilities to social engineering. Using the typical weaknesses we humans have isn\u2019t too hard and doesn\u2019t require special skills.<\/span><\/p>\n<p><!--more--><\/p>\n<p><span style=\"font-weight: 400;\">Experts see distributed ledger technology as one of the means of protection against cyberattacks in 2020.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">We provide the translation of an <\/span><a href=\"https:\/\/forklog.com\/vymogatelstvo-bitkoinov-i-vzlom-telefonov-kak-blokchejn-budet-borotsya-s-populyarnymi-kiberatakami-2020-goda\/\"><span style=\"font-weight: 400;\">article<\/span><\/a><span style=\"font-weight: 400;\"> by Mikhail Kondrashin, technical director at the cybersecurity firm Trend Micro. He reviewed the main types of cyber threats to expect this year and the ways to avoid them.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">The Threats of 2020<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Trend Micro\u2019s research shows that cybercriminal forums offer options like \u201cMalware-as-a-Service\u201d or \u201cRansomware-as-a-Service.\u201d Anybody can use these tools to launch their own cyberattack at will.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Traditionally, the targets for cyberattacks are financial institutions and their clients. It isn\u2019t much different in the crypto-industry. Hackers use similar techniques to steal traditional money and cryptocurrencies.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In the cybercriminal landscape of 2020 we may expect:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">More targeted ransomware attacks.<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">More attacks on smart infrastructure, IoT, and industrial IoT.<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">More attacks on mobile devices.<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">More attacks on personal data: leaks, modification, and malicious use.<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">New vectors of attack: fintech startups, including many blockchain platforms, and their clients.<\/span><\/li>\n<\/ul>\n<h2><span style=\"font-weight: 400;\">Account Protection<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Cybersecurity news feeds for the past several years have numerous mentions of account credentials being leaked or stolen. Cybercriminals use social engineering, as well as phishing letters and websites to make their victims give out logins and passwords.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">One of the ways to protect your password is not to have one. There are blockchain-based platforms that allow you to do just that, such as <\/span><a href=\"https:\/\/www.civic.com\/\"><span style=\"font-weight: 400;\">Civic<\/span><\/a><span style=\"font-weight: 400;\"> and <\/span><a href=\"https:\/\/www.hypr.com\/authentication-platform\/\"><span style=\"font-weight: 400;\">HYPR<\/span><\/a><span style=\"font-weight: 400;\">. Civic is a digital identity management platform that protects users\u2019 personal data against theft and identity fraud. HYPR is an authorization platform and a package of biometric systems protecting mobile and desktop users, as well as the IoT.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A decentralized authentication platform allows organizations to work with biometric data without the risk of a server or a database with sensitive information being compromised.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">Personal Data Protection<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Personal data legislation is getting stricter around the world. The EU\u2019s GDPR involves serious punishment for the companies violating its rules. In 2018 alone, the collected fines amounted to \u20ac56 million. In 2019, Marriott International and British Airways were fined <\/span><a href=\"https:\/\/ico.org.uk\/about-the-ico\/news-and-events\/news-and-blogs\/2019\/07\/statement-intention-to-fine-marriott-international-inc-more-than-99-million-under-gdpr-for-data-breach\/\"><span style=\"font-weight: 400;\">\u20ac110 million<\/span><\/a><span style=\"font-weight: 400;\"> and <\/span><a href=\"https:\/\/ico.org.uk\/about-the-ico\/news-and-events\/news-and-blogs\/2019\/07\/ico-announces-intention-to-fine-british-airways\/\"><span style=\"font-weight: 400;\">\u20ac204.6<\/span><\/a><span style=\"font-weight: 400;\"> million respectively because of personal data leaks.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Using blockchain for personal data handling allows you to keep a log of whatever is done to a piece of data in the ledger. Blockchain immutability, however, leads to <\/span><a href=\"https:\/\/blog.trendmicro.com\/gdpr-vs-blockchain-technology-vs-the-law\/\"><span style=\"font-weight: 400;\">complications<\/span><\/a><span style=\"font-weight: 400;\"> with the right to be forgotten. The owner of personal data can ask to erase it, so companies would have to figure out how to remove the information from an immutable ledger.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">Corporate Blockchains and Crypto-Exchanges Security<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Attacks on blockchain platforms work similarly to attacks on any other cryptography. They exploit vulnerabilities and use social engineering. A typical example of such an attack is a phishing letter with a malicious attachment executed by an employee of a crypto-exchange or other company. This leads to cryptocurrency theft, data leaks, and other incidents.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Protection against such attacks relies on a spectrum of technical and administrative measures, as well as purpose-made solutions. For blockchain platforms, the measures include multi-signature and authentication applications for 2FA (two-factor authentication).<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Neglecting smart contracts and multi-signature is considered to be one of the primary reasons behind the notorious Coincheck hack in 2018. Over $500 million in NEM were stolen in the incident. Experts note that before the hack Coincheck received letters with malware that facilitated key theft.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">Supply Chain Security<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Another important type of attack is the Business Email Compromise (BEC). It involves an adversary who penetrates the chain of interaction between a company and its counterparties to steal money or inflict harm in other ways.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">If all such interactions are written in a blockchain or fixed with smart-contracts, attackers won\u2019t have an easy way to get in. Moreover, blockchain allows one to check for the authenticity of products and monitor data and physical goods across the entire supply chain.\u00a0<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">IoT Security<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">According to <\/span><a href=\"https:\/\/www.gartner.com\/imagesrv\/books\/iot\/iotEbook_digital.pdf\"><span style=\"font-weight: 400;\">Gartner<\/span><\/a><span style=\"font-weight: 400;\">, in 2020, there will be over 20 billion IoT devices. In 2030, there will be 500 billion. This is a revolution going far beyond smart light bulbs, fridges, and even houses. IoT devices will be widely used everywhere from agriculture to healthcare. It is still hard to imagine all the potential applications.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It won\u2019t take long. In a few years, the entire world will be very much interconnected and \u201csmart.\u201d Unfortunately, it will bring new security problems. Almost all IoT devices have vulnerabilities. Hackers might be able to control people\u2019s cardiac stimulators, remotely disable cars, and organize large-scale DDoS attacks.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Any fault in an IoT system puts numerous devices, data, and supply chains at risk. The problems with IoT security are usually related to authentication, connection, or transaction.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A blockchain controlling data access will act as an additional obstacle for the attackers. It can prevent a vulnerable device from transmitting false information and compromising the network environment, whether it is a smart home or a smart factory.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Additionally, decentralization solves the problem with authentication server failures.<\/span><\/p>\n<p><a href=\"https:\/\/uniquid.com\/\"><span style=\"font-weight: 400;\">Uniquid<\/span><\/a><span style=\"font-weight: 400;\"> builds a blockchain-powered cloud platform for authentication based on Litecoin. Each connected device is registered in a ledger, while each instance of granting or revoking rights is represented by a publicly visible blockchain transaction. This makes unauthorized connections and man-in-the-middle attacks difficult.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">Conclusion<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Blockchain can mitigate cybersecurity risks. Although, just like any other technology it isn\u2019t a silver bullet against all threats.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Making distributed ledger technologies a common practice takes great effort in terms of standardization, hardware, and protocol tweaking, developing new solutions for low-performance IoT components, and creating legislation to direct the use of the technology.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">We can witness the adoption of blockchain, as major corporations start using it to control supply chains, protect infrastructure, and solve all sorts of problems. But we are still at the very beginning of a long way to a safe future, powered by a global distributed ledger.<\/span><\/p>\n<p><b>Follow us on<\/b> <a href=\"https:\/\/twitter.com\/forklogmedia\"><b>Twitter<\/b><\/a><b> and <\/b><a href=\"https:\/\/www.facebook.com\/forklogmedia\"><b>Facebook<\/b><\/a><b> and join our <\/b><a href=\"https:\/\/t.me\/forklogmedia\"><b>Telegram channel<\/b><\/a><b> to know what\u2019s up with crypto and why it\u2019s important.<\/b><\/p>\n","protected":false},"excerpt":{"rendered":"<p>According to the report by CipherTrace, losses to frauds and theft related to cryptocurrency amounted to $4.4 billion in 2019. As the hi-tech market develops, cybercriminals have shifted their focus from exploiting technical vulnerabilities to social engineering. Using the typical weaknesses we humans have isn\u2019t too hard and doesn\u2019t require special skills.<\/p>\n","protected":false},"author":6,"featured_media":7963,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"human_written","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[198],"tags":[18,44,43,148],"class_list":["post-7960","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-opinion","tag-bitcoin","tag-cybercrime","tag-hackers","tag-security"],"aioseo_notices":[],"amp_enabled":true,"views":"584","promo_type":"1","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/7960","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=7960"}],"version-history":[{"count":2,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/7960\/revisions"}],"predecessor-version":[{"id":7962,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/7960\/revisions\/7962"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/7963"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=7960"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=7960"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=7960"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}