Cybersecurity threats are only growing in an increasingly digital and interconnected world. Blockchained threat response might help alleviate some of the risk and vulnerabilities of individuals and businesses alike.
Experts in the cybersecurity space expect a continuing and dramatic increase and risk from cyber threats. The world is becoming increasingly connected. New technology including the Internet of Things and enhanced reality are only going to add to the opportunities for and threats from hackers and malware. According to
Symantec, the threat from cyber hackers, ransomware, and DDoS (denial of service) attacks is only on a one way trend: up. And cyber-attacks, particularly those which exploit vulnerabilities caused by a rapidly changing technological environment and outdated software that offers an open door to cyber thieves as a result, will only increase if a new approach is not found and fast.
How expensive and real is the threat? The average cyber ransom attack, by way of example, rose dramatically from $294 to $1,077 in the space of a year between 2015-16. Given the effectiveness of the tactic and ongoing vulnerabilities caused by a combination of factors that are hard to manage by any individual or business, such incidents and the associated dollar amount of damage are only likely to increase.
Worse, government regulation, both on a sovereign and international level is unlikely to provide any relief and may be counterproductive in an environment where cyber warfare is also a tool of modern governments.
Today’s enterprises rely on an ad-hoc mixture of anti-virus subscriptions, threat intelligence feeds, and assorted dynamic analysis engines to defend against evolving adversarial cyber activity. Users must weigh the benefits and drawbacks presented by each solution and decide on the least-worst fit – rather than the optimal one. In fact, most security solutions today discourage broad threat coverage but rather focus on a comfort zone of threats.
That, at least in the opinion of the team behind PolySwarm, disincentives effective response and in fact creates incentives for bad actors and malware production. And they intend to attack the issue head on.
The platform incentivizes rapid innovation in the annual USD $8.5 billion anti-virus and automated cyber threat intelligence space by offering precise economic incentives that reward timely and accurate threat intelligence about the malintent of files, network traffic, and URLs.
The platform defines a real-time threat detection ecosystem that encompasses enterprises, consumers, vendors and geographically diverse security experts.
Technologically, PolySwarm will lower the barriers to entry, provide broader coverage options, discourage duplicative efforts and ensure interoperability among products and threat intelligence feeds.
Economically, PolySwarm also functions as a unique “jobs” market. It incentivizes machines and people to investigate the latest in malware evolution at not human but machine speed. And rewards participation with real economic rewards.
PolySwarm’s approach creates a number of unique benefits for any online user – whether they are individuals or corporations. Further, it hopes to offer incentives for White Hat behavior rather than contribute to an environment where bad actors are still economically motivated to wreak havoc. These benefits include:
Puts the user first: The PolySwarm platform and market it will create, directs economic incentives to malintent detection, also known as “threat intelligence.” It also as a direct consequence, provides users with timely access to broad, crowdsourced security expertise and triage.
Creates a gambling deterrent: No future data is required to accurately classify a threat.
Incentivize truth telling: The PolySwarm approach requires real expertise to confirm “ground truth” or third-party trustless authorization.
The PolySwarm platform and marketplace set up a bid/ask market that allows security experts to be rewarded for their expertise.
In this model, an “Ambassador” – a person who has a security concern or question, posts a “bounty” in the PolySwarm market for a particular problem they need solving – namely the identification of the digital object as a threat or benign. This can be posted with either a fixed listing fee or a fee proportional to the task at hand.
Experts study the problem and either assert that the item is a threat or not. System arbitrators then decide between experts who assert what they believe to also be the so-called “ground truth” – namely whether the object is malware or dangerous or not. The experts who decided on the same perspective as system arbitrators split the bounty set for this task.
The PolySwarm market runs on Nectar, a token that makes it easy to submit and classify potential threats on the PolySwarm market. Nectar replaces traditional license fees for anti-virus and threat-scanning subscription payments.
Token name: NCT
Token base: ERC-20 utility token
Token supply: TBD during the token sale but will be capped.
Token Accepted: ETH only. KYC controls include country of origin, email address, full name, IP address and acceptance of terms of sale agreement.
Token sale duration: February 20 – March 22, 2018
Token sale target: USD $5 million (soft cap), $50 million (hard cap)
Token price: 1 ETH = 31,337 NECTAR