Is your company really prepared for a cyber attack? Part 1
The rise of smart devices and shifting customer preferences have driven the global digital transformation at full steam. As a result, companies are discovering more and more opportunities and cutting-edge resources for competitive advantage and growth.
Moreover, the pandemic has forced many organizations to switch to remote work, which has spurred an increase in the adoption of new technologies such as cloud, artificial intelligence (AI) / machine learning, internet of things (IoT), big data, and social media. That’s when digital transformation shifted from a long-term goal to reality.
However, the rise of digital transformation initiatives in companies of all sizes is revealing specific vulnerabilities for most organizations. With the emergence of these new technologies, the threat is continually increasing.
This has made it critical for businesses and security teams to manage the risks of digital transformation, increasing and enhancing IT and cyber risk management capabilities to support this new paradigm.
Let’s move on and see how the digital transformation is changing IT and cybersecurity programs.
What Are Cyberattacks Types And Trends?
The future of cybersecurity brings with it many changes, some of which we can predict today. Companies tend to be unprepared for the fastest-spreading threats, including ransomware. Ransomware prevalence increased 365% between Q2 2018 and Q2 2019 and then grew another 148% during the COVID-19 crisis, according to research by Osterman Research.
Attackers’ strategies and techniques change quickly. According to IBM Security X-Force Incident Response, which saw an explosive increase in ransomware attacks especially in Q2 2020, today’s attackers are very agile. Ransom demands are steadily increasing as attackers narrow their focus to victims, such as manufacturers who can incur millions of dollars in losses for a day of downtime and therefore have little tolerance for it.
Threat agents are also combining new extortion tactics based on data theft into ransomware attacks, stealing confidential company information and threatening to make it public if their victims do not pay for the decryption key. These tactics require a review of incident response and crisis recovery plans, but many security teams are not keeping pace.
Learn about the most common types of cyberattacks in companies below.
Malware is a term used to describe malicious software, including spyware, ransomware, viruses, and worms. Malware breaches a network through a vulnerability, typically when a user clicks a dangerous link or email attachment that installs dangerous software. Once inside a system, malware can do the following:
- Block access to key network components.
- Install additional malware or harmful software.
- Secretly obtain information by transmitting data from the hard drive.
- Stop certain components and make the system inoperable.
Phishing is the practice of sending fraudulent communications that appear to come from a trusted source, usually via email. The purpose is to steal sensitive data such as credit card and login information or install malware on the victim’s machine. Phishing is an increasingly common cyber threat.
Man-in-the-middle (MitM) attacks, also known as spy attacks, occur when attackers enter into a two-party transaction. Once attackers disrupt traffic, they can filter and steal data.
Two common entry points for MitM attacks are:
- In insecure public Wi-Fi, attackers can insert themselves between a visitor’s device and the network. Without knowing it, the visitor passes all information through the attacker.
- After a malware has breached a device, an attacker can install software to process all of the victim’s information.
A denial-of-service attack floods systems, servers, or networks with traffic to exhaust resources and bandwidth. As a result, the system is unable to fulfill legitimate requests. Attackers can also use multiple compromised devices to launch this attack. This is known as a distributed denial of service (DDoS) attack.
A Structured Query Language (SQL) injection occurs when an attacker inserts malicious code into a server that uses SQL and forces the server to reveal information it normally would not. An attacker could perform a SQL injection simply by sending malicious code to a vulnerable website search box.
A zero-day exploit occurs after a network vulnerability is announced, but before a patch or solution is implemented. Attackers target the vulnerability disclosed during this period. Detecting zero-day vulnerability threats requires constant awareness.
DNS Tunneling uses the DNS protocol to communicate DNS traffic over port 53. It sends HTTP and other protocol traffic through DNS. There are several legitimate reasons to use DNS Tunneling. However, there are also malicious reasons to use DNS tunneling via VPN services. They can be used to mask outbound traffic such as DNS, hiding data that is normally shared over an Internet connection. For malicious use, DNS requests are manipulated to extract data from a compromised system into the attacker’s infrastructure. It can also be used to command and control callbacks from the attacker’s infrastructure to a compromised system.
What Are the Risks of a Cyberattack for Companies?
The PWC 2020 Annual CEO Survey has found that North America’s top executives reported cybersecurity as their number-one concern, with half of the respondents describing “extreme concern” regarding their cyber vulnerabilities. As data breaches and attacks become more ubiquitous, with estimates reaching 1 every 5 minutes since the GDPR laws went into effect, organizations are bracing themselves for these cybersecurity threats.
While cybercriminals rarely discriminate, some industries are more vulnerable than others. So, here are some of the industries and sectors most at risk for cyberattacks and breaches.
Healthcare organizations continue to be the ones most exposed to cyberattacks this year. Data breaches and ransomware attacks in the past year alone have cost the industry an estimated $4 billion, with the industry accounting for more than four out of ten breaches as well.
With the launch of 5G, it is expected that more devices and sensors will be connected to supply chains, communities, organizations, and locations. Although this kicks off a new wave of the communications revolution, experts note this poses new risks for consumers and businesses. As it is a move to all-software networks and wider bandwidth, high-level hackers can exploit these emerging vulnerabilities and have a larger attack surface to work with. Meanwhile, the ubiquity of sensors and devices will require a newer and more rigid framework for endpoint security across all industries.
It is no surprise that cybercriminals are targeting financial data from the banking and finance industry. In fact, a Clearswift survey in the UK has found that over 70% of financial institutions were victims of cyberattacks in the past year. But as institutions and organizations implement stricter protections and protocols, some sectors of the industry remain vulnerable. While relatively small in scale, attacks on retirement accounts carry enormous risks.
The losses are not just monetary: according to a McAfee survey, 92% of companies felt other damages rather than just monetary losses. These losses include reduced efficiency and downtime, operational costs for incident response, and reputational damage. Nowadays, more and more people are considering trust as an aspect when relating to companies. In times of digital transformation and greater competition in the market, this makes all the difference.
Loss of customer and stakeholder trust can be the most damaging impact of cybercrime, as the vast majority of people would not do business with a company that has been breached, especially if it did not protect its customers’ data. This can translate directly into business loss as well as the devaluation of the brand you have worked so hard to build. Accepting a reputation scam can also affect your ability to attract top talent, vendors, and investors.
So far, how do you assess your company’s cybersecurity posture? If you believe there are actions to improve your posture, keep reading the article in part 2 available here.
Are you enjoying this post? Join our Newsletter!
According to Cybersecurity Ventures, the world ended 2020 with 300 billion passwords to protect. And the trend shows this number will increase dramatically. Email accounts (personal and professional), banking services, corporate systems, devices, and applications are some examples that require authentication through passwords. And with the increase in the number of data leaks, it is easy to find compromised credentials on forums on the dark web being sold for pennies.
And yes, we know that it is not easy to manage so many passwords. Even the most tech-savvy can struggle to manage and protect credentials in so many different environments. In times of personal data protection legislation, such as LGPD and GDPR, ensuring the protection of such data has become more than a security requirement – it is a business must.
Despite all the risks associated with their use, many users and companies use passwords that are easy to guess, such as numbers or sequential letters (123456 or abcdef). SolarWinds itself, the victim of a serious attack on its supply chain, was using the password solarwinds123 in its infrastructure. Certainly, your email password or mine is stronger than the one used by this American technology company.
So, on this World Password Day, here are some tips that should be considered by users to keep their data protected:
- Use long and complex passwords. This prevents hackers from using techniques to guess them. However, just using complex passwords may not be enough to protect them from hackers.
- Many devices are configured with default passwords. Change them immediately.
- Avoid reusing your passwords on different accounts. Also, constantly check if you have already been the victim of a data leak through senhasegura Hunter. If so, change your passwords immediately.
- Configure your passwords to be changed frequently. The ideal is at least every 3 months.
- Do not write down, store in an easily accessible place, or share your passwords with others, thus avoiding unauthorized access.
- Consider password management solutions, or even privileged access management (PAM), to manage the use of systems and devices.
- Use Multiple-Factor Authentication (MFA) mechanisms to add a layer of security to your accounts.
- Set up means of retrieving access, such as including phone numbers or emails.
Passwords are one of the oldest security mechanisms in the computing world and are also one of the main attackvectors by hackers. And in the “new normal” era, with increasing threats resulting from the covid-19 pandemic, it is vital that users be alert and properly protect their digital identities. In this way, we can avoid cyberattacks that can cause considerable damage not only to people, but also to companies. And on this World Password Day, remember: security starts with you!