Last week, Bloomberg reported that hackers had managed to snag payment of 118 bitcoins (about $1.14M US at the time of the exchange) from Covid-19 researchers in early June. The payment came after the hackers had successfully executed a ransomware attack in which they locked servers used by the epidemiology and biostatistics department at the University of California at San Francisco, which contained critical, sensitive Covid-19 research. The hackers originally demanded $3M in exchange for the keys to unlock the servers, and the two arrived at the final payment sum after six days of negotiation.
As Bloomberg reports, Covid-19 has in some ways “turbocharged” the ransomware business. “The pandemic has made high-value targets out of universities, hospitals, and labs with access to data that are used to analyze new potential treatments or document the safety of vaccine candidates,” they explained. Global attention on the race for a cure includes the attention of hackers, who seek to exploit the criticality of Covid-19 data to their advantage.
The high-profile nature of Covid-19 research is a big contributor to making those tasked with managing it difficult. Once hackers are able to determine the location of this highly sensitive data, they can both lock the data, rendering it unusable to the victim, and even worse, expose the data, whether to further an attacking state’s progress hunting a Covid-19 cure or in many cases, to blackmail victims on the threat of making public the compromised information. The threat of steep regulatory fines and risk to reputation are often enough to make paying attackers the ransom the lesser of two evils.
Confirming the Location of Sensitive Data
The success of a ransomware attack depends on the hackers’ ability to definitively confirm the presence of sensitive data, then access it. Thus, the first step in protection against these attacks should be in sufficiently obfuscating the data’s location in addition to data value. ShardSecure’s Microshard™ approach achieves this by shredding data into shards as small as single-digit bytes, mixing in ‘poison’ data to further obscure it, and finally by distributing the data to multiple locations.
Because Microshard data is distributed to multiple cloud locations, the technology changes the hackers’ challenge from a time and compute problem to a time, compute and spatial challenge. This distributed approach provides resilience against Ransomware attacks by minimizing the attack surface of any single data location. If any one data storage or transit location is hit with a ransomware attack, only a fraction of the dataset is affected. ShardSecure’s Microshard data security solution goes beyond traditional encryption to drastically reduce the likelihood of attackers being able to confidently locate then breach as many access points as would be required to glean any value from the data.
Microsharding eliminates the sensitivity of data itself, removing the hackers’ ability to leverage its value against the victim. When organizations achieve zero data sensitivity through Microsharding, they remove the threat of data exposure from the attacker’s arsenal, taking additional consequences like regulatory compliance fees and reputational damage off the table and weakening the Ransomware attacker’s position.
Even prior to the pandemic, the prevalence of cybersecurity incidents was skyrocketing as organizations move data to the public cloud. Now, with the stakes arguably higher than ever, organizations are being forced to adopt new data security solutions that can ensure absolute privacy and eliminate data sensitivity no matter where data is stored. ShardSecure helps organizations accelerate cloud adoption with confidence, knowing the biggest factors in a Ransomware attack, the sensitivity and location of data, are reliably obscured from would-be attackers.