We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
Yesterday, blockchain and transaction analysis provider Chainalysis launched Crypto Incident Response, a new incident response service designed to support enterprises that have been breached by threat actors who’ve demanded a cryptocurrency ransom.
As part of the service, whenever there’s a data breach or ransomware attack where cryptocurrency funds are demanded or stolen, the victim organization can contact Chainanalysis’s team of advisors and data scientists via a 24/7 hotline, who will trace the funds and label them for recovery.
This relatively new approach of combining cryptocurrency protection with incident response provides enterprises with another tool they can use to try and recoup funds if a threat actor manages to convince them to hand over their digital assets.
Why are crypto incident response services emerging now?
The release of the crypto incident response solution comes as the number of ransoms paid by enterprises continues to increase.
According to financial exchanges and institutions, in 2021 alone, payments tied to ransomware attacks totalled $590 million, compared to $416 million in 2020.
One of the main reasons for the high level of payouts is the evolution of the Ransomware-as-a-Service (RaaS) industry, and how skilled attackers are becoming at identifying, encrypting and exfiltrating critical data assets to gain maximum leverage over their victims.
Today’s ransomware victims not only have to worry about the tremendous cost of a ransomware attack in terms of upfront disruption, they also have to worry about 2.0 style techniques, where attackers will threaten to publically leak the data they’ve accessed.
Together these factors have helped to contribute to the average cost of a ransomware breach totalling $4.62 million in 2021.
How crypto incident response services can help protect enterprises
While there are many anti-ransomware solutions, crypto incident response services are unique as they can provide support to enterprises that have been “checkmated” into paying a ransom demand by a threat actor.
“After an incident such as a hack, ransomware attack, code exploit, or flash loan attack occurs and cryptocurrency funds are either demanded or stolen, the victim can contact the 24/7 Chainalysis Crypto Incident Response hotline,” said Senior Director of Investigations and Special Programs at Chainalysis, Erin Plante.
“Chainalysis will then assign a dedicated team of experts leveraging advanced investigative capabilities to work around the clock and side-by-side with the victim organization. If needed, the Chainalysis team can help liaise with law enforcement and asset recovery counsel,” Plante said.
By offering a Crypto Incident Response service, Chainalysis aims to provide a way for organizations to respond immediately, and start tracing the funds so if they’re ever put in the position of being forced to pay a ransom, they can still respond to try and recoup their funds.
Calling upon an incident response team to trace the stolen funds provides organizations with another tool they can use to either reduce the leverage of an attack in the early stages of a ransomware attack, or to run damage control and attempt to trace their funds after a ransom has been paid.
A look at the crypto incident response market
The launch of this service comes as the wider incident response market continues to grow, with researchers valuing the market at $3.48 billion in 2020 and anticipating it will reach $10.13 billion by 2026 as more organizations look for external support to detect and respond to security incidents.
It’s important to note, that Chainalysis isn’t the first provider to offer an incident response service tailored to crypto theft, but the market as a whole remains in its infancy.
One of the organization’s most comparable competitors is blockchain investigation agency CipherBlade offers an incident response and investigation service that can monitor crypto movements in real-time to help seize and recover stolen funds of over $100,000.
CipherBlade’s crypto incident response service reportedly helped influencer, Ian Balina to recover his funds after attackers stole $2 million in crypto. The organization also works with crypto exchanges and wallet providers including Bittrex, Bitbuy, Coinomi, EtherDelta, Changelly, ShapeShift, Shakepay and My Crypto.
While there are other similar less-defined incident response services that dabble in crypto recovery services, Chainalysis and CipherBlade stand as two of the most comprehensive in terms of asset recovery.
Although Plante argues that Chainalysis’s data pedigree is what sets it out from competitors, leveraging over 7 years of historical blockchain data to maximize the chance of being able to trace stolen funds.
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.