The group of hackers known as “Conti” has successfully hacked multiple government organizations in Costa Rica.
The cybercriminal group published a threatening message directed to the Costa Rican government.
This intel was revealed by the hacker group in a message to the Costa Rican government and U.S. authorities. Conti requests 20 million USD, to cease these attacks.
The first paragraph reads:
“Just pay before it’s too late, your country was destroyed by 2 people, we are determined to overthrow the government by means of cyberattack, we have already shown you all the strength and power, you have introduced an emergency,”
“now we are putting together a campaign against the current government, the price is changing now 20M, now everyone attached to the present will start receiving non-urgent calls from us, we have defeated you!”
“I appeal to every resident of Costa Rica, go to your government and organize rallies so that they pay us as soon as possible, if your current government cannot stabilize the situation? Maybe it’s worth changing it?” the hackers concluded.
The Conti group had expressed interest in having a virtual meeting with President Rodrigo Chaves. Shortly after this incident Chaves signed a national emergency decree on cyber security.
“We wholeheartedly congratulate Rodrigo Chaves on his victory! And we look forward to further cooperation and friendship in the field of protecting the country from dangerous hackers,” read the message sent by Conti.
“I’m sure we can meet up with you in the chat we opened, for a private dialogue for any of your questions,” they said.
“Keep the stability in your beautiful country. You have beautiful nature, educated young people, developed business. We are waiting for you in the chat,” read the chat message sent by Conti.
As programmers ourselves at Blockchain Costa Rica, we do not condone malicious use of hacking. However, it is now very evident of the need for the implementation of cybersecurity and blockchain technology in Costa Rica. This was a necessary wake up call to the Costa Rican government to improve the overall cybersecurity of the country.
It is estimated that after every 14 seconds, an individual or company falls prey to a ransomware attack. This is according to the 2019 Official Annual Cybercrime Report (ACR) who also indicated that most of these attacks go unreported. With a new person joining social media platforms every 15 seconds, the ransomware vulnerability scope continues to widen.
As per the Security Intelligence Report, the average cost of a cyber-attack data breach as of 2019 was $3.92 million. On the contrary, the cost of hacking is almost insignificant, with cyber-attack tools now available on the Dark Web for as low as one dollar, with other complementary services being offered free of charge.
What is Blockchain?
Blockchain technology is a distributed and decentralized ledger system that can record transactions between multiple servers (computers). Blockchain is the same technology behind CR Coin and has popularly grown into a promising mitigation technology for cybersecurity.
Human error remains to be the leading cause of data breaches. Blockchain fully automates data storage hence reducing the human element in these data storage systems.
Blockchain can be utilised in any sector or industry. This is because any kind of digital asset or transaction can be inserted in blockchain, from any industry. The new technology is considered a reliable cybersecurity protocol due to its capabilities of indicating any foul play and providing certainty in the integrity of transactions.
Blockchain Use Cases for Cybersecurity
Although not unbreakable, blockchain has evolved to become one of the most foolproof forms of transacting in the digital realm. As designed and intended, the technology has been credited for its information integrity assurance. If well-utilised, many sectors can benefit from it.
With the potential of being practical to many utilisations, blockchain can be implemented into many uses. One of the best uses would be utilising its integrity assurance for building cybersecurity solutions for many other technologies. Below are some use cases of future beneficial use of blockchain to strengthen cybersecurity:
1. Securing Private Messaging: With the internet shrinking the world into a global village, more and more people are joining social media. The number of social media platforms is also on the rise. More social apps are being launched with each dawn as conversational commerce gains popularity. Huge amounts of metadata are collected during these interactions. Most social media platform users protect the services and their data with weak, unreliable passwords.
Most messaging companies are warming up to blockchain for securing user data as a superior option to the end-to-end encryption which they currently use. Blockchain can be used to create a standard security protocol. For enabling cross-messenger communication capabilities, blockchain can be used to form a unified API framework.
2. IoT Security: Hackers have increasingly used edge devices, such as thermostats and routers, to gain access to overall systems. With the current obsession for Artificial Intelligence (AI), it has become easier for hackers to access overall systems like home automation through edge devices like ‘smart’ switches. In most cases, a large number of these IoT devices have sketchy security features.
In this case, blockchain can be used to secure such overall systems or devices by decentralising their administration. The approach will give the capabilities of the device to make security decisions on their own. Not depending on the central admin or authority makes the edge devices more secure by detecting and acting on suspicious commands from unknown networks.
Normally, hackers penetrate the central administration of a device and automatically gain full control of the devices and systems. By decentralising such device authority systems, blockchain ensures such attacks are harder to execute (if even possible).
3. Securing DNS and DDoS: A Distributed Denial of Service (DDoS) attack occurs when users of a target resource, such as a network resource, server, or website, are denied access or service to the target resource. These attacks shut down or slow down the resource systems.
On the other hand, an intact Domain Name System (DNS) is very centralised, making it a perfect target for hackers who infiltrate the connection between the IP address and the name of a website. This attack renders a website inaccessible, cashable, and even redirectable to other scam websites.
Fortunately, blockchain can be used to diminish such kinds of attacks by decentralising the DNS entries. By applying decentralised solutions, blockchain would have removed the vulnerable single points exploited by hackers.
4. Decentralising Medium Storage: Business data hacks and theft are becoming a primary evident cause of concern to organisations. Most companies still use the centralised form of the storage medium. To access the entire data stored in these systems, a hacker simply exploits but a single vulnerable point. Such an attack leaves sensitive and confidential data, such as business financial records, in the possession of a criminal.
By using blockchain, sensitive data may be protected by ensuring a decentralised form of data storage. This mitigation method would make it harder and even impossible for hackers to penetrate data storage systems. Many storage service companies are assessing ways blockchain can protect data from hackers.
5. The Provenance of Computer Software: Blockchain can be used to ensure the integrity of software downloads to prevent foreign intrusion. Just as the MD5 hashes are utilised, blockchain can be applied to verify activities, such as firmware updates, installers, and patches, to prevent the entry of malicious software in computers. In the MD5 scenario, new software identity is compared to hashes available on the vendor websites. This method is not completely foolproof as the hashes available on the provider’s platform may already be compromised.
However, in the case of blockchain technology, the hashes are permanently recorded in the blockchain. The information recorded in the technology is not mutable or changeable; hence blockchain may be more efficient in verifying the integrity of software by comparing it to the hashes against the ones on the blockchain.
6. Verification of Cyber-Physical Infrastructures: Data tampering, systems misconfiguration together with component failure have marred the integrity of information generated from cyber-physical systems. However, the capabilities of blockchain technology in information integrity and verification may be utilised to authenticate the status of any cyber-physical infrastructures. Information generated on the infrastructure’s components through blockchain can be more assuring to the complete chain of custody.
7. Protecting Data Transmission: Blockchain can be used in the future to prevent unauthorized access to data while in transit. By utilising the complete encryption feature of the technology, data transmission can be secured to prevent malicious actors from accessing it, be it an individual or an organisation.
This approach would lead to a general increase in the confidence and integrity of data transmitted through blockchain. Hackers with malicious intent tap into data amid transit to either alter it or completely delete its existence. This leaves a huge gap in inefficient communication channels, such as emails.
8. Diminish Human Safety Adversity caused by
Cyber-attacks: Thanks to innovative technological advancements, we have recently seen the roll-out of unmanned military equipment and public transportation. These automated vehicles and weapons are possible thanks to the Internet that facilitates the transfer of data from the sensors to the remote-control databases. However, hackers have been on the job to break and gain access to networks, such as Car Area Network (CAN). When tapped into, these networks offer complete control access to vital automotive functions to the hackers. Such occurrences would have a direct impact on the safety of humans. But through data verification conducted on blockchain for any data that goes in and through such systems, many adversities would be prevented.
No matter how it is utilised, the key component of blockchain technology is its ability to decentralise. This feature removes the single target point that can be compromised. As a result, it becomes utterly impossible to infiltrate systems or sites whose access control, data storage, and network traffic are no longer in a single location. Therefore, blockchain may be one of the most efficient mitigation strategies for cyber threats in the coming days.