Is your company really prepared for a cyber attack?
Is your company really prepared for a cyber attack?
The rise of smart devices and shifting customer preferences have driven the global digital transformation at full steam. As a result, companies are discovering more and more opportunities and cutting-edge resources for competitive advantage and growth.
Moreover, the pandemic has forced many organizations to switch to remote work, which has spurred an increase in the adoption of new technologies such as cloud, artificial intelligence (AI) / machine learning, internet of things (IoT), big data, and social media. That’s when digital transformation shifted from a long-term goal to reality.
However, the rise of digital transformation initiatives in companies of all sizes is revealing specific vulnerabilities for most organizations. With the emergence of these new technologies, the threat is continually increasing.
This has made it critical for businesses and security teams to manage the risks of digital transformation, increasing and enhancing IT and cyber risk management capabilities to support this new paradigm.
Let’s move on and see how the digital transformation is changing IT and cybersecurity programs.
What Are Cyberattacks Types And Trends?
The future of cybersecurity brings with it many changes, some of which we can predict today. Companies tend to be unprepared for the fastest-spreading threats, including ransomware. Ransomware prevalence increased 365% between Q2 2018 and Q2 2019 and then grew another 148% during the COVID-19 crisis, according to research by Osterman Research.
Attackers’ strategies and techniques change quickly. According to IBM Security X-Force Incident Response, which saw an explosive increase in ransomware attacks especially in Q2 2020, today’s attackers are very agile. Ransom demands are steadily increasing as attackers narrow their focus to victims, such as manufacturers who can incur millions of dollars in losses for a day of downtime and therefore have little tolerance for it.
Threat agents are also combining new extortion tactics based on data theft into ransomware attacks, stealing confidential company information and threatening to make it public if their victims do not pay for the decryption key. These tactics require a review of incident response and crisis recovery plans, but many security teams are not keeping pace.
Learn about the most common types of cyberattacks in companies below.
Malware
Malware is a term used to describe malicious software, including spyware, ransomware, viruses, and worms. Malware breaches a network through a vulnerability, typically when a user clicks a dangerous link or email attachment that installs dangerous software. Once inside a system, malware can do the following:
- Block access to key network components.
- Install additional malware or harmful software.
- Secretly obtain information by transmitting data from the hard drive.
- Stop certain components and make the system inoperable.
Phishing
Phishing is the practice of sending fraudulent communications that appear to come from a trusted source, usually via email. The purpose is to steal sensitive data such as credit card and login information or install malware on the victim’s machine. Phishing is an increasingly common cyber threat.
Man-In-The-Middle
Man-in-the-middle (MitM) attacks, also known as spy attacks, occur when attackers enter into a two-party transaction. Once attackers disrupt traffic, they can filter and steal data.
Two common entry points for MitM attacks are:
- In insecure public Wi-Fi, attackers can insert themselves between a visitor’s device and the network. Without knowing it, the visitor passes all information through the attacker.
- After a malware has breached a device, an attacker can install software to process all of the victim’s information.
DDoS (Denial-of-Service)
A denial-of-service attack floods systems, servers, or networks with traffic to exhaust resources and bandwidth. As a result, the system is unable to fulfill legitimate requests. Attackers can also use multiple compromised devices to launch this attack. This is known as a distributed denial of service (DDoS) attack.
SQL Injection
A Structured Query Language (SQL) injection occurs when an attacker inserts malicious code into a server that uses SQL and forces the server to reveal information it normally would not. An attacker could perform a SQL injection simply by sending malicious code to a vulnerable website search box.
Zero-Day Vulnerability
A zero-day exploit occurs after a network vulnerability is announced, but before a patch or solution is implemented. Attackers target the vulnerability disclosed during this period. Detecting zero-day vulnerability threats requires constant awareness.
DNS Tunneling
DNS Tunneling uses the DNS protocol to communicate DNS traffic over port 53. It sends HTTP and other protocol traffic through DNS. There are several legitimate reasons to use DNS Tunneling. However, there are also malicious reasons to use DNS tunneling via VPN services. They can be used to mask outbound traffic such as DNS, hiding data that is normally shared over an Internet connection. For malicious use, DNS requests are manipulated to extract data from a compromised system into the attacker’s infrastructure. It can also be used to command and control callbacks from the attacker’s infrastructure to a compromised system.
What Are the Risks of a Cyberattack for Companies?
The PWC 2020 Annual CEO Survey has found that North America’s top executives reported cybersecurity as their number-one concern, with half of the respondents describing “extreme concern” regarding their cyber vulnerabilities. As data breaches and attacks become more ubiquitous, with estimates reaching 1 every 5 minutes since the GDPR laws went into effect, organizations are bracing themselves for these cybersecurity threats.
While cybercriminals rarely discriminate, some industries are more vulnerable than others. So, here are some of the industries and sectors most at risk for cyberattacks and breaches.
Healthcare Industry
Healthcare organizations continue to be the ones most exposed to cyberattacks this year. Data breaches and ransomware attacks in the past year alone have cost the industry an estimated $4 billion, with the industry accounting for more than four out of ten breaches as well.
Technology Industry
With the launch of 5G, it is expected that more devices and sensors will be connected to supply chains, communities, organizations, and locations. Although this kicks off a new wave of the communications revolution, experts note this poses new risks for consumers and businesses. As it is a move to all-software networks and wider bandwidth, high-level hackers can exploit these emerging vulnerabilities and have a larger attack surface to work with. Meanwhile, the ubiquity of sensors and devices will require a newer and more rigid framework for endpoint security across all industries.
Financial Market
It is no surprise that cybercriminals are targeting financial data from the banking and finance industry. In fact, a Clearswift survey in the UK has found that over 70% of financial institutions were victims of cyberattacks in the past year. But as institutions and organizations implement stricter protections and protocols, some sectors of the industry remain vulnerable. While relatively small in scale, attacks on retirement accounts carry enormous risks.
The losses are not just monetary: according to a McAfee survey, 92% of companies felt other damages rather than just monetary losses. These losses include reduced efficiency and downtime, operational costs for incident response, and reputational damage. Nowadays, more and more people are considering trust as an aspect when relating to companies. In times of digital transformation and greater competition in the market, this makes all the difference.
Loss of customer and stakeholder trust can be the most damaging impact of cybercrime, as the vast majority of people would not do business with a company that has been breached, especially if it did not protect its customers’ data. This can translate directly into business loss as well as the devaluation of the brand you have worked so hard to build. Accepting a reputation scam can also affect your ability to attract top talent, vendors, and investors.
So far, how do you assess your company’s cybersecurity posture? If you believe there are actions to improve your posture, keep reading the article in part 2 available here.