intelligence  about  ransomware.  The  CRI  aims  to  institute  real  engagement  between  governmental
            organizations and corporations for “trusted information sharing and coordinated action.” CRI participants
            made  commitments  to  engage  in  active  information-sharing  between  the  public  and  private  sectors,
            including through new platforms, on actors and tradecraft. Private sector insights into the whereabouts
            and actions of ransomware actors from across the internet can effectively complement state capabilities
            in this aspect – enabling an unfettered two-way flow of information between private and public sectors.
            They  also  launched  plans  to  develop  a  capacity-building  tool  to  help  countries  utilize  public-private
            partnerships to combat ransomware.

            The next stage of holistic cybersecurity defense should incorporate hardware and embedded solutions
            into the overall infrastructure to stop hackers in their tracks in a small, sealed, and fully engineered
            environment  at  the  data  storage  level.  To  continue  the  momentum,  governments  can  advance
            comprehensive  programs  by  focusing  on  supporting  research  &  development,  embracing  new
            approaches, championing the swift adoption of new innovations, initiating pilot programs, enabling the
            ease of acquisitions, and lowering barriers to trade.



            Defending an ever-expanding attack surface against ransomware

            2021-2022 has proven to be a golden age for ransomware criminals as reports of ransomware attacks
            ballooned  by  62%  in  2021  over  2020.  The  physical  layer  continues  to  be  overlooked  and  software
            cybersecurity  solutions  continued  to  struggle  to  address  countless  threat  variables  in  the  open
            environment. Criminals have increasingly targeted managed service providers, the software supply chain,
            and the cloud. The adoption of new technologies has introduced new opportunities to criminals. As the
            attack  surface  expands,  more  individuals  work  remotely,  and  Web3  and  cryptocurrency  rise  in
            prominence,  cybercrime  rings  evolved  to  “operate  commercially.”  In  2022,  we  have  witnessed  more
            ransomware attacks tagged to cryptocurrencies.



            Crypto winters and cybercrime summers

            We shouldn’t expect that the current crypto winter will deter the criminals from exploiting the blockchain,
            however. Cryptocurrencies are an asset class, but do not dictate the stability and continued innovation
            seen in the Web3 space. Cybercriminals will continue to target Web3 blockchain platforms as their user
            base  grows,  not  only  targeting  crypto  assets  but  other  essential  personal  information  that  can  be
            leveraged for ransom.  As we are seeing right now, cybercriminals will also shift to other avenues  of
            attack for large impact and payouts – with the same objective as always. They will aim to access and
            exfiltrate data and hold victims for ransom. They will focus more on critical infrastructure with cyber-
            physical systems, upon which attacks have quadrupled in the past year.











            Cyber Defense eMagazine – January 2023 Edition                                                                                                                                                                                                       57
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.