How blockchain could have stopped WannaCry ransomware
by Anas Rasheed Mohd, Product Marketing Specialist, Sofocle
According to reports by various agencies, the May cyberattack that used ransomware known as 'WannaCry' affected more 200,000 computers in more than 150 countries.
The ransomware was supposedly spread through spam emails, fake invoices, job offers and the like, and included .zip file attachments. Once the attachment was clicked, it initiated the infection by WannaCry.
However, one division of Cisco believes that vulnerable systems left open on the internet could have been attacked — and likely still could be — without any need for phishing.
What is 'WannaCry'?
WannaCry is based on military-grade hacking code used by security agencies to hack the systems of terrorists and others who present a security threat.
In April, a group of hackers going by the name "Shadow Brokers" posted online a host of tools apparently belonging to the U.S. National Security Agency.
One of these was "Eternal Blue" (also known by its Microsoft security bulletin number, MS17-010) an exploit of outdated and unpatched Microsoft Windows systems such as XP and Windows server 2003.
Symptoms of an infection
Computers infected with the malware immediately display a popup screen saying, "Oops, your important files are encrypted."
The ransomware affects files with commonly used extensions such as PPT, DOC, and TIFF, as well as media files such in MP4 and MKV formats.
In exchange for the release of the user's files, the hackers demand payment — in the case of WannaCry, approximately $300 to $600 — to be paid in bitcoin.
For governments and security agencies around the world, the WannaCry attack should serve as a wake-up call regarding the need to take a different approach to securing weapons in cyberspace.
These should be stored in a highly secure environment, similar to weapons in the physical world, since they can be potentially as destructive as physical weapons.
Failing to protect cyberweapons using the latest security measures — such as blockchain technology — is like stockpiling a nuclear arsenal in a standard safe.
How blockchain can help
Blockchain solutions are based on distributed ledger technology in which all of the computers in a blockchain network (i.e., a "node") maintain their own copy of the database.
Whenever a change or transaction occurs in the database, it is known to all of the computers in the network, which verify the transaction.
In other words, there is no centralized location from which the hacker can steal the information. Since the whole network immediately knows about any activity happening on it, it is almost impossible for a hacker to steal data without raising an alert.
Anas Rasheed Mohd is a Product Marketing Specialist at Sofocle (www.sofocle.com), a developer of customized Blockchain solutions. The Sofocle team assesses requirements of an individual business and develops custom blockchain solutions tailored to their its needs.
Topics: Security / Theft