Cloudbric: Unleashing the bull in crypto cybersecurity

in #security6 years ago

Over the last few years the security threat landscape has undergone a tectonic shift. The increased internet connectivity has not only resulted in greater internet penetration bringing in numerous benefits for the consumers, but also an enormously increased attack surface. Some of the biggest attacks resulting in the largest ever known data breaches impacting multinational giants like Yahoo!, Equifax, eBay, JPMorgan, Facebook and Target have occured in last 5 years. A meticulous analysis of these breaches reveals the greater sophistication with which attackers have started targeting organizations across the world. Armed with adequate resources, the threat actors have shown incredible tenacity to quickly adapt with the changing technological landscape.

In last 3 years a significant shift has been observed in security landscape towards cryptocurrencies. The anonymity provided by cryptocurrencies has only consolidated the non-attribution and kinetic traits of cyber attacks giving giving too much leeway for the attackers to manipulate the targets. A careful analysis of the breaches and security incidents that took place in last 3 years reveals an emerging pattern of domination of the cyberspace by malicious actors through attacks involving cryptocurrencies such as ransomware and cryptojacking. In fact, in security parlance, the year 2016 is undisputedly called as the year of ransomware. As ransomware emerged as a successful business model for attackers, to point of ransomware-as-a-service (RaaS) becoming mainstreamed, the attackers started exploring more options.

The year 2017 and 2018 has also witnessed the continued dominance by ransomware but also the emergence of cryptomining scripts being used to generate revenue through illegal mining. While state-sponsored threat actors like Lazarus Group majorly rely on ransomware attacks to disrupt essential services and achieve certain geopolitical goals, there are also financially motivated attackers who directly attack and plunder cryptocurrency exchanges. In 2014, cryptocurrency worth $450 Million was stolen from Mt. Gox - the largest bitcoin exchange accounting for nearly 70% of all bitcoin trade. The story has continued since then and almost all crypto exchanges have been impacted by security breaches. Just two weeks back, hackers plundered Zaif, a Japanese crypto exchange, and stole currency worth $60 Million. It is an foregone conclusion that if cybercriminals are to be slowed down, a special attention is to be paid to the cryptocurrency market which is presently growing. Furthermore, the adoption of cryptocurrencies as medium of exchange and store of value greatly depends on their security.

Taming the Bear

The ransomware and cryptojacking attacks are usually carried out through sophisticated social engineering techniques like spearphishing which can be largely tackled through enhanced user awareness about the threat methods. On the other hand, the challenge involving the security of cryptocurrency exchanges can be be tackled through a combination of methods.

First and foremost, the businesses must not inundate themselves with a plethora of security solutions. The presence of too many security solutions (greater than 1600) in the market has been observed to leave the users confused. Businesses often tend to deploy multiple security products which ends up in wrong prioritization of threats and the problem of distracted focus. Most security solutions available in the market offer zero flexibility and a common approach to all businesses - even if their threat priorities and attack surface is different.

Second, the complicated web of numerous security products collect too much threat data and threat intelligence which is not shared with the business itself. In fact, businesses have to pay extra for gaining access to various Indicators of Compromise (IOCs) including domain names, email addresses, IP addresses and hashes. Furthermore, vendors nowadays are deploying orchestration based security products which collect too much of tactical threat intelligence. However, the access to such valuable data is denied to the businesses leading to the problem of centralization of threat data.

Lastly, the lack of effective and objective “measures of success” to gauge the benefits delivered by individual security products results in poor budgetary allocations towards effective security solutions.

Unleashing the Bull

What crypto market essentially requires is a security solution that caters to the triumvirate of challenges - Oversaturation of Security Solutions, Centralization of Threat Intelligence and Uncertainty of Security Performance. One of the foremost products that would solve the troika is being developed by Cloudbric. Called Decentralized Universal Security Platform, the security solution has been specifically designed to address the challenges faced by the cryptocurrency sector. The platform responds to the troika of challenges by leveraging the trinity of modern technologies - Blockchain, Artificial Intelligence and Deep Learning. Cloudbric has patented a deep learning solution known as VISION that would bring “one stop concierge” security services to the cryptocurrency market by powering an all-inclusive suite of cybersecurity solutions. VISION has been designed to decentralize the security ecosystem by allowing the users to train their suite of security solutions through anonymous threat data including Indicators of Compromise (IOCs).

Cloudbric has created a robust model to bringing effective decentralization of threat data by monetizing the contribution of sharing threat data by independent security researchers. The monetization will happen through distribution of Cloudbric (CLB) tokens directly to the users (who share credible threat data) who can redeem them by trading on cryptocurrency exchanges. Furthermore, the entire threat data including Indicators of Compromise (IOCs) will be made available to the users thus ensuring complete transparency and fostering effective decentralization of threat intelligence. In simple terms, Cloudbric solution creates a virtuous cycle wherein independent security researchers are attracted towards solving the cybersecurity vagaries of crypto markets and duly compensated.

Cloudbric tackles the problem of inundation of security products by offering multiple security solutions in a single suite. A single security suite offered by Cloudbric will offer solutions for server-side security, endpoint security and cryptocurrency asset protection. In simpler terms, it builds a secure wall around the attack surface of the user by catering to all possible points of penetration and effectively tackles the issues of targeted threats like ransomware, cryptojacking, phishing attacks and delivery of sophisticated malware through spearphishing techniques.

With over 30 years of cumulative experience in the domain of cybersecurity, the Cloudbric team is poised to breakdown the problem of disjointed security solutions presently available in the market and offer unique and focussed security solutions for the users. Unlike typical ICO security vendors, Cloudbric has already proven its mettle by being recognized as the topmost security solution provider in the APAC region. Ranked at number 5 by world’s leading research and advisories agencies like Gartner and Frost & Sullivan, Cloudbric is a must adopt security solution for any cryptocurrency exchange that wants to build user trust and enhance credibility by offering secure services to the consumers.

Explainer Video About Cloudbric