Page 57 - Cyber Defense eMagazine January 2023
P. 57
intelligence about ransomware. The CRI aims to institute real engagement between governmental
organizations and corporations for “trusted information sharing and coordinated action.” CRI participants
made commitments to engage in active information-sharing between the public and private sectors,
including through new platforms, on actors and tradecraft. Private sector insights into the whereabouts
and actions of ransomware actors from across the internet can effectively complement state capabilities
in this aspect – enabling an unfettered two-way flow of information between private and public sectors.
They also launched plans to develop a capacity-building tool to help countries utilize public-private
partnerships to combat ransomware.
The next stage of holistic cybersecurity defense should incorporate hardware and embedded solutions
into the overall infrastructure to stop hackers in their tracks in a small, sealed, and fully engineered
environment at the data storage level. To continue the momentum, governments can advance
comprehensive programs by focusing on supporting research & development, embracing new
approaches, championing the swift adoption of new innovations, initiating pilot programs, enabling the
ease of acquisitions, and lowering barriers to trade.
Defending an ever-expanding attack surface against ransomware
2021-2022 has proven to be a golden age for ransomware criminals as reports of ransomware attacks
ballooned by 62% in 2021 over 2020. The physical layer continues to be overlooked and software
cybersecurity solutions continued to struggle to address countless threat variables in the open
environment. Criminals have increasingly targeted managed service providers, the software supply chain,
and the cloud. The adoption of new technologies has introduced new opportunities to criminals. As the
attack surface expands, more individuals work remotely, and Web3 and cryptocurrency rise in
prominence, cybercrime rings evolved to “operate commercially.” In 2022, we have witnessed more
ransomware attacks tagged to cryptocurrencies.
Crypto winters and cybercrime summers
We shouldn’t expect that the current crypto winter will deter the criminals from exploiting the blockchain,
however. Cryptocurrencies are an asset class, but do not dictate the stability and continued innovation
seen in the Web3 space. Cybercriminals will continue to target Web3 blockchain platforms as their user
base grows, not only targeting crypto assets but other essential personal information that can be
leveraged for ransom. As we are seeing right now, cybercriminals will also shift to other avenues of
attack for large impact and payouts – with the same objective as always. They will aim to access and
exfiltrate data and hold victims for ransom. They will focus more on critical infrastructure with cyber-
physical systems, upon which attacks have quadrupled in the past year.
Cyber Defense eMagazine – January 2023 Edition 57
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.