Insights For Success

Strategy, Innovation, Leadership and Security

Crypto

What is Bitcoin?

GeneralEdward Kiledjian

Bitcoin is a decentralized digital currency, without a central bank or single administrator, that can be sent from user to user on the peer-to-peer bitcoin network without the need for intermediaries. Transactions are verified by network nodes through cryptography and recorded in a public distributed ledger called a blockchain. Bitcoin was invented in 2008 by an unknown person or group of people using the name Satoshi Nakamoto, and started in 2009 when its source code was released as open-source software.

Bitcoin is often called the first cryptocurrency, although prior systems existed. Bitcoin is more correctly described as the first decentralized digital currency. It is the largest of its kind in terms of total market value.

Bitcoins are created as a reward for a process known as mining. They can be exchanged for other currencies, products, and services. As of February 2015, over 100,000 merchants and vendors accepted bitcoin as payment. Bitcoin can also be held as an investment. According to research produced by Cambridge University there were between 2.9 million and 5.8 million unique users using a cryptocurrency wallet, as of 2017, most of them using bitcoin.

What is proof of work?

Proof of work is a system that is used to secure the Bitcoin network. Miners are rewarded with bitcoins for their work in verifying and committing transactions to the blockchain. Proof of work is also used to ensure that new blocks are added to the blockchain in chronological order and not randomly.

In order for a new block to be added to the blockchain, miners must solve a complex mathematical problem. The difficulty of this problem varies depending on the total amount of computing power that is being used to mine Bitcoin. When more miners join the network, the problem's difficulty increases, and vice versa.

Why do environmental groups have a problem with proof of work?

Environmental groups have a problem with proof of work because it requires a lot of energy to power the computers that are used for mining. In fact, according to one estimate, the amount of energy required to mine Bitcoin is more than the annual energy consumption of the country of Ireland.

This has led to concerns that proof of work is not sustainable in the long term and that it could have a negative impact on the environment. However, there are some proposed solutions to this problem, such as using renewable energy to power the computers used for mining or using proof of stake instead of proof of work.

What is proof of stake, and can it solve the environmental problems?

Proof of stake is an alternative to proof of work that is used to secure the Ethereum network. Miners are not rewarded with bitcoins for their work but instead earn a share of the transaction fees that are collected by the network.

This system is seen as more energy efficient than proof of work, as it does not require powerful computers to run the mining process. However, proof of stake is still in the early stages of development, and it is not yet clear if it will be able to scale to the same level as proof of work.

Companies buying bitcoin to prepare for cyber extortion

GeneralEdward Kiledjian

In an uncertain world where kidnapping for ransom is an all too common occurrence, many hostage negotiators use the no-concession policy. They justify this position by explaining that paying a ransom makes it more likely that the perpetrators will try it again and often times the ransom is used to fund illegal or terrorist organizations.

Although I have seen very little empirical evidence to prove that this no-concesion approach is more desirable than paying the ransom, this mentality was brought into the digital age when cyber-ransoms, cyber-extortions and crypto-malware became prevalent. 

More and more companies though have started to take a different approach and are now prepared to pay ransom in exchange for saving their networks, devices and information. To meet these demands quickly, some companies have started to store bitcoin as a risk mitigation strategy.

Why this change of heart? Many of the most popular well written malware was actually designed to ensure victims could recover their data when the ransom was paid. This attention to detail and solid customer service by the bad guys, means victims are now relatively certain that they will be saved if they pay the ransom. 

Sure paying the ransom means funding organized crime and will likely fuel the next wave of crypto-malware but companies have a duty to protect their organization (rather than take the moral high ground).

This change in mindset is so pronounced that traditional physical K&R (kidnap & ransom) negotiation experts have started to test the cyber-extortion and cyber-ransomware negotiation space. 

True verifiable numbers are hard to find but firms like Recorded Future ( a cyber intelligence company) has stated that it believes the cyber-ransom market has now reached the 1B$ mark. Kaspersky says a company is cyber-attacked every 40 seconds.

Obviously crypto-malware can be counter-acted by proper, regular offline backups but many companies don't start a robust recovery program until it's too late. They either pay the ransom or lose their data. Its that plain and simple.

Right now the advantage is with the attacker. Corporate information security groups have to bat 100% to keep the company safe. This is expensive, time consuming and not always achievable. The attacker just need to infect 1 machine on the network and then can propagate and move laterally from there. 

Companies have started to jump on the Ransomware protection bandwagon. An EDR &"next-generation AV" company called Cybereason offers a free product called RansomFree. They claim it protects against 99% of ransomware by monitoring how applications interact with files on your computer. Did I mention RansomFree is free? I haven't used their product and thus can't recommend it but it does seem to be useful and could really help the average consumer ensure they don't end up getting victimized.

It is clear that this malware is written by extremely skilled and determined threat actors. This isn't code written in somebody's basement but rather a professional extortion company with developers, quality assurance and even customer support to ensure a paying customer is taken care of. 

So the question is will your company prepare by buying and storing bitcoin? If you will, how much should you store? that is the new question.

Locky Ransomware is king of SPAM emails

GeneralEdward Kiledjian

Image by Yuri Samoilov used under creative commons license

We had lower than normal SPAM numbers for the last couple of quarters but the evil scourge of the internet is back with a vengeance. Company CISOs and personal users probably noticed a rise recently of emails containing variants of the locky ransomware (encrypting) malware.

The number of SPAM emails containing malware reached an all time high, according to Proofpoints Q3 2016 report

Proofpoint Q3 email badware statistics

Proofpoint said Locky was found in 96.8% of all malicious SPAM attachments. The vast majority contained a ZIP file containing a JavaScript file. We also saw Office documents containing malicious scripts, HTA files and WSF files.

Definitions:

  • HTA : HTML Application
  • WSF: Windows Scripting File

Other "fun" things found in these malware bundles included:

  • Pony Infostealer
  • Vawtrack banking Trojan
  • Tordal malware dropper
  • Panda Banker banking Trojan
  • CryptFile2
  • MarsJoke
  • Cerber

It's not all bad.... exploit kit activity is down 93% compares to the start of 2016.