Monthly Archives: July 2022

Why haven’t we managed to curtail the #Ransomware menace?

#Ransomware is the biggest cybersecurity threat facing the world today.

Ransomware is the biggest cybersecurity threat facing the world today, with the potential to significantly affect whole societies and economies – and the attacks are unrelenting, the head of the National Cyber Security Centre (NCSC) has warned.

“Even with a war raging in Ukraine – the biggest global cyber threat we still face is ransomware. That tells you something of the scale of the problem. Ransomware attacks strike hard and fast. They are evolving rapidly, they are all-pervasive, they’re increasingly offered by gangs as a service, lowering the bar for entry into cyber crime,” said Lindy Cameron, CEO of the NCSC In a speech at Tel Aviv Cyber Week. She added that the NCSC has dealt with “nationally significant incidents” along with hundreds of general cyber incidents that “affect the UK more widely every year”.

Working alongside other law enforcement agencies, Cameron said that the NCSC is working to understand the criminal system that helps drive ransomware attacks – and how the nature of ransomware gangs and the techniques they’re using to facilitate ransomware campaigns continue to evolve.

“We want to make ransomware an unprofitable and unattractive business,” said Cameron, who argued it’s not all doom and gloom when it comes to cybersecurity, going on to detail how the NCSC’s Active Cyber Defence Program has helped to disrupt cyberattacks targeting citizens.

According to newly released figures from cybersecurity company WatchGuard, the volume of ransomware has risen significantly with the amount of detected activity in the first quarter of 2022 more than three times what was detected during the same period last year. The report suggests that the emergence of aggressive ransomware and extortion operations including  #LAPSUS$ and #BlackCat are behind what’s described as “an ever-increasing ransomware and cyber-extortion threat landscape.”

You need to act now!

We at IronCAP™ have been trying to educate businesses and individuals that Q-day (the day the first quantum hack is publicly recognized) is around the corner and everybody needs to gear up. Nation states and governments are already at it, how about you? To learn more, visit www.ironcap.ca.

IronCAP™ is our latest innovation for the post-quantum cybersecurity. This patent-protected, post-quantum cryptographic system is based on the Goppa Code-based cryptographic technology. It has embedded our proprietary subclass of (L, G) making it not only more secured but also has faster cryptographic operations (key generation, encryption, decryption) than the traditional Goppa Code-based technology (McEliece). We are offering a live demonstration for the general public to try and experience the strength of IronCAP™ post-quantum encryption easily. To learn more, visit www.ironcap.ca.

Why does #Blockchain need to be #QuantumSafe?

Blockchain is currently extremely vulnerable!

01 Communique Laboratory Inc. has been commissioned to develop the World’s First Quantum-Safe Blockchain designed for Tokens, NFTs, Smart Contracts for the Metaverse, De-centralized Finance (DeFi). It is expected that this best-in-class quantum-safe blockchain will be resilient against cyber adversaries, including quantum attacks.

Blockchain technology is vulnerable to cyber-attacks, including quantum threats. A recent crypto hack reported a loss of over $300 million due to hackers forging a wrong signature to fake a transaction1. These hacks have now become commonplace and it is anticipated that the introduction of quantum computing will increase them dramatically.

After an extensive global search, a consortium of highly successful crypto experts has selected the Company as their technology partner and Post-Quantum Cryptography (PQC) provider. The consortium (Talent Summit) is pursuing the new blockchain aggressively and is planning a Proof-of-Concept (PoC) within three months. The PoC of this new venture is the first step towards protecting the de-centralized eco-system.

“01 has taken a minority position in Talent Summit and in addition will be compensated for the development project by way of a payment of $250,000 cash plus a 10% royalty for the ongoing share of the “Tokens” per transaction,” said Andrew Cheung, the President and CEO of 01 Communique. 01 will protect the integrity of this state-of-the-art blockchain by using its patent-protected, quantum-safe, IronCAP™ technology. In addition to being quantum-safe and supporting smart contracts, this new blockchain is aiming at high-performance with the ability to process tens of thousands of transactions/second (TPS). “This revolutionary blockchain is essentially a transformation of the proven Solana blockchain into a quantum-safe version to be incorporated in Tokens, NFTs, Smart Contracts for Metaverse, DeFi, and more”, said Andrew Cheung.

You need to act now!

We at IronCAP™ have been trying to educate businesses and individuals that Q-day (the day the first quantum hack is publicly recognized) is around the corner and everybody needs to gear up. Nation states and governments are already at it, how about you? To learn more, visit www.ironcap.ca.

IronCAP™ is our latest innovation for the post-quantum cybersecurity. This patent-protected, post-quantum cryptographic system is based on the Goppa Code-based cryptographic technology. It has embedded our proprietary subclass of (L, G) making it not only more secured but also has faster cryptographic operations (key generation, encryption, decryption) than the traditional Goppa Code-based technology (McEliece). We are offering a live demonstration for the general public to try and experience the strength of IronCAP™ post-quantum encryption easily. To learn more, visit www.ironcap.ca.

Is IBM accelerating the #quantumcomputer development trajectory?

IBM has unveiled 4 new quantum processors that it plans to use in a quantum supercomputer!

Last week IBM updated its quantum computing roadmap for the 3rd time since the first one was published. In this new roadmap, IBM has provided new tools for kernel developers, algorithm developers, and model developers. These developments all require new hardware, software, and new architecture.

The roadmap suggests that IBM will accelerate quantum’s expected trajectory by developing quantum processors that have the potential to scale to hundreds of thousands of qubits several years earlier than expected – and that’s a problem for current security, when it’s not quantum safe!

If IBM’s roadmap is implemented, it will change the landscape of quantum computing. 10 years ago, CPU-centric supercomputing was the exclusive domain of government and researchers for solving large and complex scientific problems. Since then, it has been democratized and transformed into various types of AI-centric supercomputing used in almost every industry today.

This roadmap is IBM’s plan to create a new family of quantum processors, software, and services that will lead to the realization of the next generation of supercomputers, a quantum-centric supercomputer. The combined resources of quantum processors, CPUs, and GPUs are expected to solve some of the world’s most challenging problems. In short the Quantum timeline is no longer science fiction – it now looks like this …

  • 2023 – Condor with 1121 Qubits
  • 2024 – Flamingo with 1386 Qubits
  • 2025 – Kookaburra with 4158+ Qubits
  • 2026 onward – hundreds of thousands Qubits!

… and there’s the problem, all encryption is now rendered useless! – That’s why The White House has announced that President Joe Biden has signed a National Security Memorandum (NSM) aimed at maintaining U.S. leadership in quantum information sciences and to mitigate the risks of quantum computing to the Nation’s security. “A cryptanalytically relevant quantum computer could jeopardize civilian and military communications as well as undermine supervisory and control systems for critical infrastructure,” said GEN Paul M. Nakasone, Commander, USCYBERCOM, Director, NSA/Chief, CSS. “The No. 1 defense against this quantum computing threat is to implement quantum-resistant cryptography on our most important systems.”

You need to act now!

We at IronCAP™ have been trying to educate businesses and individuals that Q-day (the day the first quantum hack is publicly recognized) is around the corner and everybody needs to gear up. Nation states and governments are already at it, how about you? To learn more, visit www.ironcap.ca.

IronCAP™ is our latest innovation for the post-quantum cybersecurity. This patent-protected, post-quantum cryptographic system is based on the Goppa Code-based cryptographic technology. It has embedded our proprietary subclass of (L, G) making it not only more secured but also has faster cryptographic operations (key generation, encryption, decryption) than the traditional Goppa Code-based technology (McEliece). We are offering a live demonstration for the general public to try and experience the strength of IronCAP™ post-quantum encryption easily. To learn more, visit www.ironcap.ca.

Who is the #Ransomware Bad Guy?

So what is the biggest cause of Ransomware? Who’s the culprit? Email #Phishing has to be the answer!

Global Ransomware damage costs are predicted to exceed $265 Billion by 2031 (cybersecurityventures.com) Ransomware has been topping headline news on a daily basis and is becoming our No. 1 “cyber-enemy”. According to Harvard Business Review in May 2021, ransomware attacks were up 150% over the previous year. The amount paid by victims of these attacks increased more than 300% in 2020. This massive uptrend is further fuelled by accelerated digitalisation creating fertile soil for such attacks. The risk of data exposure will only grow given that remote workers’ personal devices are more vulnerable. According to the Cybercrime Magazine, ransomware damage costs are predicted to exceed USD265B annually and attacking a business, consumer, or device every 2 seconds by 203

Governments and critical infrastructure are not the only targets, ransomware attackers are less concerned about the industry and more focused on scope and scale. They go after large enterprise networks to secure the biggest possible ransom. Therefore, big enterprises e.g., banks, manufacturers and even high-tech companies and cybersecurity providers themselves are popular targets.

We believe enterprises should adopt a holistic approach, addressing the essential aspects including enhancing awareness and governance, while adopting suitable and robust technology solutions that best suit the technical environment that support the entity’s business operations. The adoption of true end-to-end encryption would be a key preventive measure, and leveraging the latest verifiable digital credentials would provide the average email user the means to verify the purported identity of the party sending the email.

You need to act now!

We at IronCAP™ have been trying to educate businesses and individuals that Q-day (the day the first quantum hack is publicly recognized) is around the corner and everybody needs to gear up. Nation states and governments are already at it, how about you? To learn more, visit www.ironcap.ca.

IronCAP™ is our latest innovation for the post-quantum cybersecurity. This patent-protected, post-quantum cryptographic system is based on the Goppa Code-based cryptographic technology. It has embedded our proprietary subclass of (L, G) making it not only more secured but also has faster cryptographic operations (key generation, encryption, decryption) than the traditional Goppa Code-based technology (McEliece). We are offering a live demonstration for the general public to try and experience the strength of IronCAP™ post-quantum encryption easily. To learn more, visit www.ironcap.ca.

$325 million in #cryptocurrency disappears after an error on #GitHub

Imagine a security flaw that was fixed but then apparently not applied to the live application – as a result it was hacked!

The decentralized finance (DeFi) platform Wormhole became the victim of the largest cryptocurrency theft this year, and among the top five largest crypto hacks of all time, when an attacker exploited a security flaw to make off with close to $325 million!

The attack seems to have resulted from a recent update to the project’s GitHub repository, which revealed a fix to a bug that had not yet been deployed to the project itself. The attack was noticed when a post from the Wormhole Twitter account announced that the network was being taken “down for maintenance” while a potential exploit was investigated. A later post from Wormhole confirmed the hack and the amount stolen.

Shortly after the attack, the Wormhole team also offered the hacker a $10 million bounty to return the funds, which was embedded as text in a transaction sent to the attacker’s Ethereum wallet address.

Wormhole provides a service known as a “bridge” between blockchains, essentially an escrow system that allows one type of cryptocurrency to be deposited in order to create assets in another cryptocurrency. This allows a person or entity with holdings in one cryptocurrency to make trades and purchases using another, somewhat like being able to fund a bank account in dollars and then use a bank card to buy something priced in euros.

To carry out the attack, the attacker managed to forge a valid signature for a transaction that allowed them to freely mint 120,000 wETH — a “wrapped” Ethereum equivalent on the Solana blockchain, with value equivalent to $325 million at the time of the theft — without first inputting an equivalent amount. This was then exchanged for around $250 million in Ethereum that was sent from Wormhole to the hackers’ account, effectively liquidating a large amount of the platform’s Ethereum funds that were being held as collateral for transactions on the Solana blockchain.

Open-source code commits show that code that would have fixed this vulnerability was written and uploaded to the Wormhole GitHub repository on the day of the attack. Just hours later, the vulnerability was exploited by the hacker, suggesting that the updates had not yet been applied to the production application.

Due to the nature of cross-chain applications, the attack temporarily left a huge deficit between the amount of wrapped Ethereum and regular Ethereum held in the Wormhole bridge — as if the collateral asset backing a loan had suddenly disappeared. According to Forbes, the attack caused a 10 percent drop in the value of the Solana cryptocurrency in the aftermath of the hack.

You need to act now!

We at IronCAP™ have been trying to educate businesses and individuals that Q-day (the day the first quantum hack is publicly recognized) is around the corner and everybody needs to gear up. Nation states and governments are already at it, how about you? To learn more, visit www.ironcap.ca.

IronCAP™ is our latest innovation for the post-quantum cybersecurity. This patent-protected, post-quantum cryptographic system is based on the Goppa Code-based cryptographic technology. It has embedded our proprietary subclass of (L, G) making it not only more secured but also has faster cryptographic operations (key generation, encryption, decryption) than the traditional Goppa Code-based technology (McEliece). We are offering a live demonstration for the general public to try and experience the strength of IronCAP™ post-quantum encryption easily. To learn more, visit www.ironcap.ca.