2020 was a year of profound change and consequent results starting from the pandemic that took the world by storm, the following economic turmoil which rivalled the Great Depression, large social movements and escalating political unrest in and among countries. The waves of these events have reached the shores of businesses in every industry and caused great changes in their operations. Cyberspace is no exception as the reverberations of these events have affected it as well, particularly due to the role it plays in essential communication networks.
The unique circumstances that 2020 presented allowed cyber criminals to exploit vulnerabilities in companies and perpetuate damage projected to hit $6 trillion annually by 2021. This is a massive figure in damages which not only does financial damage to the organisations against which the attacks have been carried but also does tremendous damage to their reputation, their clients and partners. Moreover, the leakage of sensitive client information can lead to hefty lawsuits being filed against the firm, adding another expenditure to already exorbitant recovery costs. This is why it’s so important can companies, especially ones that handle sensitive data, to get Managed IT services in Jacksonville. This way, they know every part of their IT system, from its security to cloud strategy, is being taken care of by qualified individuals.
Cyber adversaries capitalised on the opportunity that the pandemic provided, the increased use of digital communication in supply chains and critical infrastructure of manufacturing industries. Threat actors targeted entities with potential interest in covid 19 vaccine distribution technologies with a well calibrated phishing campaign as well as a German MNC associated with a government-private sector task force responsible for securing essential PPE. The threat actors targeted over a 100 high ranking executives both within the organisation as well as its third party partners, all of whom were in management and procurement roles. This represents a high precision targeted campaign in order to manipulate the securement of PPE in May 2020.
Industries Most Targeted
That being said, the industries most attacked by cyber criminals have changed in 2020. According to data from IBM’s top 10 most attacked industries, the Finance and Insurance industry remains the top most targeted and attacked industry by cyber adversaries. Meanwhile, attacks on the Manufacturing and Energy industries shot up to replace the retail and transportation industry as the 2nd and 3rd most attacked industries, respectively. Professional services and Government industries did not see a change in the cyber attack volume and maintained their positions as 5th and 6th on the list. The Healthcare industry rose from the bottom of the list in 2019 to take 7th place in 2020 as cyber crime organisations released an onslaught of ransomware attacks against hospitals amidst the Covid-19 pandemic. Media, Transportation and Education industries all saw a dip in attacks against them and fell to 8th, 9th and 10th places on the list.
Common Causes of Data Breach
Data breaches can cause all sorts of problems for companies; Identity theft of users, leak of sensitive data, corporate espionage, etc. can all result from data breaches. This is why all businesses big and small are trying their best at avoiding a data leak. Not surprisingly, Verizon found that 86% of data breaches are financially motivated while espionage is the second biggest motive. Data breaches can be caused by a number of reasons, but the most common ones are –
- Weak and/or stolen credentials – Credentials, aka passwords, are popular targets of hackers. With the right person’s credentials, they can access a network and gain access to all sorts of privileged information and that too from a single source. An estimated 81% of hacking related data breaches are due to poor password passwords
- Social Engineering – The accomplishment of malicious activities through the use of human interaction is called social engineering. It is used to psychologically manipulate users into giving away sensitive security information so that it can then be used to breach security measures. Baiting, Pretexting and Phishing are all forms of social engineering. An estimated 98% of all cyber attacks rely on social engineering methods, says Purplesec.
- Malware – Software that is designed to cause damage to a computer, server, client or network is known as malware. Computer viruses, worms, Trojan horses, ransomware, spyware, etc. are all different types of malware. There have been 5.6 billion malware attacks in 2020, so far.
- Back Doors, Application Vulnerabilities – Flaws or weaknesses in applications that lead to them being vulnerable are known as application vulnerabilities. Web applications are especially vulnerable to attacks which can be carried out from various locations and through different attack vectors. 43% of data breaches stem from application vulnerabilities.
- Too Many Permissions – Many users have too many different permissions which they do not need and these permissions are exploited by hackers.
- Insider Threats – Users with legitimate access to an organization’s network who act maliciously against the organization are identified as insider threats. Users who unintentionally cause harm to the business are also considered as insider threats. According to a recent Ponemon study it was found that insider-related incidents have gone up 47% in just the last two years and 60% of organizations had insider-related incidents per year, with companies having to spend an average of $755,760 on each insider-related incident.
- Improper Configuration and User Error – Humans are prone to make mistakes (errors) and hackers exploit these errors to further their motives. An IMB study concludes that 95% of cyber security breaches happen as a result of human error.
Cyber Crime Frequency and Region
In a study at University of Maryland, it was found that hackers attack every 39 seconds which translates to a mind boggling 2,244 times a day. Consequently, security breaches have also increased by 11% since 2018 and 67% since 2014. What’s worse is that the average life cycle of a security breach is usually nearly 11 months and the average time it takes to identify the breach is 7 months which gives the hacker more than ample time to surveil on the company’s operations, steal data and essentially carry out any nefarious plan that they have in mind.
Moreover, it was found that the average global cost of a data breach is worth $3.93 million in 2019. The average cost of a ransomware attack on a business is $133,000 and the average cost in time estimated to be around 50 days.
Globally, the focus of cyber crimes were mostly on Europe, North America and Asia. This can be attributed to the fact that over 89% of the world’s GDP is commanded by these three continents. Europe was the most attacked geography in 2020 with 31% of attacks carried out in the region. Next, in the North American continent America and Canada were most heavily hit with 27% of attacks perpetrated there. Finally, the Asia-Pacific region took the brunt of 25% of cyber attacks with Japan being the most heavily targeted, followed distantly by India and Australia.
Recent Breaches of Cyber Security
Flaws in cyber security can have serious consequences and put at risk highly sensitive data. But, it is not just individuals who have to be careful about their cyber security. Large organizations have to be extra vigilant and make sure to fix any vulnerabilities that their platforms/networks may have. The result of the exploitation of a vulnerability in a Facebook address book contacts import feature resulted in a massive data leak of information of over 533 million users. Purportedly, Facebook remarked that they fixed the flaw which caused the leak in August 2019. However, the leaked data includes names, mobile numbers, few email addresses, genders, occupations, locations, and marital statuses of users. This highlights how important mobile application security testing is. All of this information is being circulated on hacker circles on a forum and is now allowing people to query the database for a mere $2. This data can be exploited by all manners of people including marketers, scammers, spammers, phishers, etc. for fraudulent purposes and illegal activity.
Security breaches also happen on national scales and it is not necessary that bad actors would only target countries in the West or only developed countries. Bangladesh was subject to a massive and targeted cyber attack on atleast 147 public and private organisations, including Bangladesh Bank and Bangladesh Telecommunication Regulatory Commission, by a hacker group, Hafnium. They attacked the organizations through a vulnerability in Microsoft Exchange Servers (MES) used in Bangladesh. After analysing the attack, BGD e-GOV CIRT Cyber Threat Research Unit found that several Bangladeshi organization’s IP addresses had already been exploited while others were still vulnerable to the threat. The agency then published a report citing methods to identify whether organisations had been compromised and what to do and what not to do in each scenario.
Investing in IT
For a lot of businesses, employing cybersecurity measures may not be a priority, especially for SMEs. But, this is a critical mistake that needs to be corrected. The number of cyber-attacks perpetrated in the region is growing every year and cyber-attack methods too are growing more sophisticated. While SMEs may feel that the large corporations or enterprises are more at risk, this is not true. Any business that holds data is at risk of cyber attacks as hackers can leverage this data to extort money from them. Large corporations are generally better equipped to deal with cyber threats and so SMEs provide an easier target for bad actors. 43% of cyberattacks were carried out against SMEs in the past year, and the average cost of each attack was $184,000 and within six months of a cyber attack, 60% of small businesses go out of business.
When it comes to how organizations can safeguard themselves against Cybercrime, prevention is always better than cure. What this means is being proactive against cyber threats and preventing them from even infiltrating the network is a much better option than remediating the situation after they have successfully gained access to it. Additionally, for those businesses who keep hold of data, it could be a good idea to look into processes like encryption. This will ensure that hackers are unable to make out the data, reducing the chances of data breaches. To keep the company safe, it might be worth auditing it infrastructures for compliance to make sure the company is running effectively and safely. Alongside doing that, here are a few other ways companies can strengthen cybersecurity for themselves and clients are:
- Investing in cloud-based endpoint technology – If your organization is commencing operations remotely and using clouds, then this is a must.
- Incorporate all devices in security plans – It is highly likely that the employees of your organization are working across multiple devices and so incorporating mobile device security in cyber security plans help eliminate a possible fatal vulnerability.
- Setting up multi-factor authentication to login to apps and networks – This step can help lower risk of identity compromise and adds another layer of security to the overall system.
- Training employees – As previously stated, human error is responsible for a staggering number of security breaches. Programs to teach prevention education, educating them on security policies and conducting regular security drills reduce these risks.
- Regular assessment of risks and vulnerabilities – Assessing risks and vulnerabilities allows an organization to know their shortcoming and security flaws. A plan of action can then be put together to remedy the situation. Breach protocols should also be prepared in combination of human effort and technology products and services, in case of a breach.
- Update software and systems – A large number of new malware and security threats are produced every day so running the latest, most updated patches of software helps protect the system best.
- Backup all data – Most organizations have an onsite backup system but in addition to that, keeping an offsite hidden cloud based backup helps protect the firm against ransomware that may encrypt important operational information, as well as serve to restore the data to the system in case the onsite backup system is compromised.
Cyber Safety for Individuals
The advancements in technology and cyberspace happen so fast that it becomes quite difficult for the average person to cope with it and to know what secure practices they should be enacting. So, here are a few simple ways in which individuals can keep themselves safe online.
- Use an antivirus: This may seem obvious, or even futile, to some people but antiviruses can keep you and your computer safe from all types of malware and threats. They should definitely be something to consider if you are concerned about your cyber safety.
- Use unique passwords: Using different, strong passwords for every login can seem a bit much but if hackers can discover one combination they might try it out on your other accounts and thus there might be a domino effect, compromising all your personal data.
- Clear your cache: The cache stored in your devices may have more information regarding you than you might want to admit and so clearing the cache, browsing data and cookies helps better protect that information.
- Don’t click dodgy links: If a link on an email or text seems shady or weird, even if it is from a trusted source, do not click on it. It is likely a phishing link which will compromise your security.
- Don’t overshare on social media: Everyone likes sharing things with friends and family, and even strangers, on social media. But sharing too many intimate details can end up compromising your personal information which you do not want the wrong person to gain access to. So, check your privacy setting and be cautious of who you share what information with.
by Muhammad Fahim Shahriar