As a result of the coronavirus pandemic, organizations have been forced into a rapid digital transformation. Many of them have been forced to put in place remote work environments. This sudden shift from onsite to remote has challenged the balance between flexibility and security.
Early on, “connectivity first” was the focus for many organizations, leaving these complex IT environments open to security threats. According to the FBI, instances of cybercrime have jumped by up to 300% since the start of the pandemic.
Beware of Cyber Security Threats
Cyber security threats are becoming more sophisticated and intense amid increasing levels of remote work and dependence on digital devices.
- The World Economic Forum’s “Global Risks Report 2020” states the chances of catching and prosecuting a cybercriminal are very low, at 0.05%.
- And according to the latest report from McAfee, global losses from cybercrime now total more than $1 trillion.
Organizational awareness, resilience and preparedness are key to securing your sensitive data and avoiding breaches.
Here are the top 3 cyber security threats your organization must be aware of during 2021.
Ransomware has become the cyber weapon of choice. According to a research study by Deep Instinct, ransomware increased by 435% during 2020, as compared with 2019.
The FBI Internet Crime Complaint Center (IC3) has reported receiving between 3,000 and 4,000 cyber security complaints every day. That’s up from the average 1,000 complaints per day before the pandemic.
One of the reasons: Criminal hacker groups are more sophisticated in their phishing exploits with the use of machine learning. That has led the estimated cost of ransomware to rise, up from $11.5 billion in 2019 to $20 billion in 2020. And that trend continues to grow.
Some of the more recent kinds of ransomware and their threats include:
- Darkside targets theft and encryption of sensitive data, including backups through Recovery-as-a-Service (RaaS).
- REvil, also known as Sodin and Sodinokibi, is a ransomware group with a reputation for extorting larger ransom payments than their competitors, as well as promoting underground cybercrime forums.
- Netwalker, created by the cybercrime group Circus Spider during 2019, allows hackers to rent access to malware code in exchange for a percentage of the funds received.
- Conti uses a double-extortion technique to encrypt data on an infected machine. Attackers from this group usually send a phishing email originating from an address the victim trusts.
- Clop, aka ClOP, uses phishing emails to initiate negotiations. If the emails are ignored, they threaten to publicize and auction off stolen data on the data leak site “CLOP^_-LEAKS.” Clop ransomware operators primarily extort top executives and customers.
Data breach incidents involve information being stolen from a system, without the knowledge or authorization of the system’s owner. Stolen data includes sensitive, proprietary or confidential information, such as credit card numbers, customer data, trade secrets or matters of national security.
Consider the impact of data breaches:
- During 2020, more than 36 billion records were exposed.
- During the first three quarters of 2020, 21% of reported breaches involved ransomware.
- The most sought-after record type in data breach cases is your customers’ personally identifiable information (PII). Eight out of 10 hacked organizations report thieves specifically targeted PII.
- The average total cost for a data breach is approximately $3.86 million.
- Most data breaches are attributed to hacking or malware attacks.
Data breach methods include:
- Unintended disclosure. A malicious or accidental disclosure of confidential or sensitive information.
- Payment card fraud. Card data is stolen using physical skimming devices.
- Loss or theft. Portable drives, laptops, office computers, files and other physical properties are lost or stolen.
- Insider leak. A trusted individual or person of authority, with access privileges, steals data.
A study by consulting firm Infosys reported 65% of consumers lose trust in a business when there’s a data breach. And 85% of respondents say they don’t want to deal with those organizations again.
On the other side of it, a 2021 study from ISACA found only 32% of responding organizations felt highly prepared for an attack.
Various regulations and laws ensure your organization has safeguards to protect your customer data. Failure to follow applicable data privacy policies may lead to fines, lawsuits and even prohibition of your website’s use in certain jurisdictions.
Social engineering attacks gain your trust so that you reveal sensitive information or grant access to critical resources. They exploit human error, rather than vulnerabilities in software and operating systems, to capture sensitive information.
Here are the most common forms of digital social engineering assaults.
Phishing scams are email and text message campaigns aimed at creating a sense of urgency, curiosity or fear in their victims. Examples include alerts of policy violations requiring immediate action, such as a password change or opening an attachment that contains malware.
A more targeted version of the phishing scam, spear phishing hits specific individuals or organizations. The messages are tailored to the characteristics, job positions and contacts of its victims. This makes the attack less conspicuous.
An example of spear phishing is impersonating an organization’s IT consultant and deceiving recipients into giving access by entering information, such as passwords, onto a malicious page. That’s where the attacker can capture credentials.
According to the SANS Institute, 95% of breaches were by way of spear phishing attacks.
Baiting lures victims into a trap, which steals personal information or infects systems with malware. Examples of baiting scams include ads leading to malicious sites or downloads of malware-infected applications.
Scareware is also known as deception software, rogue scanner software and fraudware. It misleads victims with false alarms and fictitious threats, alerting them that their systems are infected with malware. This typically prompts them to install software that is itself malware.
An example of scareware is a pop-up banner that reads: “Your computer may be infected with harmful spyware programs.” It then directs you to a malicious site, where your computer becomes infected.
In pretexting, the attacker impersonates your co-workers or officials and claims to need sensitive information as part of a critical task. Information gathered during a pretexting scam includes social security numbers, personal addresses, phone numbers, bank records and an organization’s security information.
Threat agents are constantly on the lookout for vulnerabilities at your organization to exploit for financial gain.
Therefore, your IT security teams must develop strong security policies in response to these cyber security threats and challenges. Then, they must effectively communicate those security policies to your entire workforce and train employees how to respond to the threats.
Your organization needs to evaluate its current cyber-hygiene practices and cyber security posture. Doing so means you must assess how your people, processes and technology are operating, and which risks are of greatest concern to your organization.
Activating innovative technologies to monitor, alert and analyze activities in your network, such as artificial intelligence and machine learning tools, can help provide proactive visibility and predictive analytics.
Steps to take with a trusted security partner include:
- Developing cyber security policies designed to protect your organization’s network from malicious attacks
- Integrating threat modeling and implementing secure by design across all components of your organization
- Finding all input file sources and making sure proper protections are in place to identify and quarantine malicious files
- Carrying out frequent cyber security awareness training for all new and existing employees, informing and educating them about how to recognize and report cyber security threats
- Performing frequent network and application vulnerability scans to find threats or system misconfigurations
- Conducting penetration testing, using a trusted security partner, for vulnerabilities, then providing recommendations for improving your organization’s security posture
- Understanding applicable operational, regulatory and compliance laws and mandates, ensuring compliance and avoiding fines, penalties and reputational damage
About the Author: Phani Yalamanchili
Phani Yalamanchili serves as a Cyber Security Specialist at System Soft Technologies. Phani has more than 15 years of industry experience in the Cyber Security Practice, advising customers about cyber strategy, security architecture implementation and policy. He’s a Security Evangelist, who can build security infrastructures from the ground up, improving security postures for organizations in the financial and healthcare industries. He also can enable DevSecOps practices, embedding security controls within the software delivery lifecycle.