Cybercrime losses are reaching new highs every year, and some experts believe that while blockchain technology is not a panacea to stop it, mainstream adoption can certainly help.
Cybercrime can take many forms, including ransomware attacks, identity fraud, data theft, and phishing campaigns. Global losses from cybercrime are estimated to reach $10.5 trillion annually by 2025, according to cybersecurity research firm Cybersecurity Ventures.
Bitcoin (BTC), the first decentralized blockchain, was launched in January 2009 along with its associated cryptocurrency. Security features such as encryption, decentralization, and consensus are built into the technology.
Ronghui Gu, co-founder of blockchain security firm CertiK, told Cointelegraph that blockchain technology is a “core security technology” and that “mainstream industries that rely heavily on data integrity,” such as healthcare and finance, can use it to achieve higher levels of security. Provides security.
“For example, patient records stored on blockchain can reduce the risk of data breaches and unauthorized access to sensitive information while giving patients more control over their data and when and with whom it is shared,” he said. .
Some companies are already experimenting with using blockchain to store and manage medical records. One company even released its COVID-19 diagnosis certificate on the blockchain.
The centralized nature of standard data storage systems can make them attractive targets for cyber attackers, Gu said. Additionally, many current systems lack sufficient mechanisms for individuals to see where and how their data is being used.
Related: Can blockchain revolutionize digital securities management on stock exchanges?
He believes blockchain and Web3 technologies solve some of these problems by decentralizing data storage and reducing centralized points of failure and the risk of unauthorized access.
“This underlying distributed ledger technology is designed to eliminate single points of failure, making it more resistant to traditional cyberattacks such as data tampering and network infiltration,” Gu said.
“Unlike centralized systems, blockchain distributes data across a network of computers, making it very difficult for an attacker to take control of the entire system.”
Blockchain has stronger-than-average security.
CertiK’s 2023 annual “Hack3d: Web3 Security Report” found that more than $1.8 billion worth of digital assets were lost due to 751 Web3 security incidents in 2023.
Gu said blockchain technology is not immune from cyberattacks, but its decentralized nature provides stronger security. To change a distributed ledger, a hacker would need to control more than half of the entire system, and “once data has been entered, it becomes nearly impossible to change it.”
“Each transaction is protected by strong encryption, so only those with the correct keys can act on behalf of the address,” he added.
Investment fraud caused the largest losses in the United States last year, according to data from Statista, an online data collection platform. Compromised business emails were second, followed by fraudulent technical support letters.
Each of these types of attacks can involve requests to send funds to fraudsters, which can result in financial loss and the exposure of sensitive financial and personnel information.
Gu believes that using smart contracts can help reduce these common successful cyberattacks.
Smart contracts are transaction protocols designed to automatically execute actions according to the terms of a contract.
“Smart contracts can reduce fraud risks in the financial industry and automate many arduous compliance tasks by ensuring that transactions are only executed if certain conditions are met,” Gu said.
Blockchain is not a panacea for stopping cybercrime, but it can still help.
Gu believes that because cybersecurity is a constantly evolving field, “completely eliminating all cybercrime is not realistically achievable.” As new technologies emerge, new vulnerabilities and attack vectors also emerge.
“Many cybercrimes exploit human error, including weak passwords, phishing scams, and social engineering attacks. “You can reduce these risks through training, but it’s unrealistic to expect all users to be error-free,” he said.
“Cybercrime also has a socioeconomic aspect. “As long as there is an incentive, financial or otherwise, individuals or groups will engage in criminal activity.”
These incentives, especially funds stolen from victims, will reach dizzying heights of more than $13 trillion by 2028, according to Statista data.
Gu believes the goal should not necessarily be to eliminate all cybercrime, but to minimize it and mitigate its impact through resilient infrastructure and informed users.
“This approach preserves the freedom and benefits of decentralized technology while protecting against its inherent risks,” he said.
Professor Koo added, “Achieving a country where cybercrime is completely eradicated will require extreme measures that could infringe on individual freedom and privacy in line with the values that blockchain was created to preserve.”
“Blockchain alone is not a panacea against all types of cyber attacks,” Johann Polecsak, co-founder and chief technology officer of hybrid blockchain platform QAN Platform, told Cointelegraph. He said it could help.
“If implemented well, it can effectively narrow the point of failure for key management issues, and the problem can be effectively mitigated using hardware-based signing tools,” he said.
“But to build a truly future-proof system, it is undoubtedly important to choose a blockchain designed to withstand quantum computing attacks.”
Quantum computing has long been feared as an inflection point for the cryptocurrency industry. Computers that can crack blockchain encryption could result in large-scale theft of user funds.
Related: ‘Simple’ hard fork could defeat quantum attack on Ethereum: Vitalik Buterin
Eskil Tsu, co-founder of GoPlus, a decentralized secure data and security services network, told Cointelegraph that he believes “the only thing that can help” reduce cybercrime is blockchain.
“Blockchain’s unique characteristics of decentralization, transparency and immutability can significantly mitigate risk and reduce the surface for online attacks,” he said.
“Leveraging these key aspects by providing robust security solutions not only protects against current threats but also anticipates future vulnerabilities.”
Blockchain technology as a possible solution to AI cyberattacks
Fraser Edwards, co-founder and CEO of decentralized data infrastructure provider Cheqd, believes blockchain technology has a lot of opportunity to prevent cyberattacks, especially phishing and impersonation scams.
Phishing continues to be the most common email attack method, accounting for 43.3% of all email threats, according to a 2024 report from security provider Hornetsecurity.
“Decentralized identity and credentials, often using blockchain internally, will have a significant impact in reducing cyberattacks,” Edwards said.
“A significant portion of cyber attacks are carried out through phishing or social engineering, which involves impersonating a person or stealing security details.”
Edwards said blockchain technology could also be the answer to new fraud and cyber threats, such as those using artificial intelligence.
Concerns about AI-generated content have grown exponentially over the past few years. The World Economic Forum (WEF) also highlighted all the side effects that may arise from AI technology in its 2024 ‘Global Risk Report’.
Deepfakes have been singled out as a particular cause for concern. AI video technology can produce computer-generated images and audio that are often indistinguishable from reality.
In a recent deepfake scam, fraudsters stole $25 million from a Hong Kong company by impersonating a senior executive in an online video conference. Hong Kong police said this was one of the first cases of its type they had seen.
According to data from SumSub, deepfakes have increased tenfold across all industries globally from 2022 to 2023.
Edwards said it was now possible to create fake passport or driver’s license documents that could be used to fool know-your-customer (KYC) processes. He also claimed that once you know someone’s account details, it is usually easy to impersonate them through their account or app.
Related: Will voters be able to spot AI deepfakes ahead of the 2024 presidential election?
KYC verification is a mandatory process that identifies and verifies your identity when opening an online account on a cryptocurrency exchange.
Edwards argued that a solution that could curb this type of cybercrime could be distributed identifiers (DIDs). This is a globally unique identifier, such as a URL, where the address is unique, highly available, verifiable, and cryptographically verifiable.
“DIDs and credentials implement 2FA more or less automatically, not only through the use of passwords, but also through account authentication, which requires the correct signature of the wallet or device where the credentials are stored,” he said.
“DIDs and credentials can prevent AI from generating document images. Because it is not signed by the correct issuer, it can easily be detected as fraud. Likewise, using content credentials can prevent the generated video from being used,” Edwards added.
Magazine: Through bots and airdrops, Ronin has grown into the No. 2 blockchain for daily users, not just Pixels fans.