Cybersecurity was a growing concern even before the Internet became the dominant form of communication. Now with the exponential growth of economic activity taking place solely online, cyberthreats to business, and particularly small business, will only grow in the coming years.
Data by RiskIQ suggests cybercrime costs organizations $2.9 million every minute, and major businesses lose $25 per minute as a result of data breaches. Despite the warning signs, most businesses are not prepared to deal with cyber threats. Research from Accenture shows nearly 70% of business leaders feel their cybersecurity risks are increasing and, according to Varonis, only 5% of companies’ data is properly protected.
Research shows things are only going to get worse. “Cybercrime has been on an ascending pace since the widespread adoption of commercial and residential Internet,” says cybersecurity expert Bogdan Botezatu, director of threat research at Bitdefender. “Along with a sharp increase in the number of cyber attacks, there’s also a growing diversity in the types of cyber threats, making it difficult to effectively protect important data moving forward.”
“Ransomware attacks have become mainstream with the proliferation of ransomware-as-a-service, where cyber-criminal groups create and market ransomware to affiliates,” he explains.
“Data breaches have also become the new normal as attackers are capitalizing on illegally-gained access to steal customer information, intellectual property or trade secrets to be sold or exchanged in specialized underground forums.”
The pandemic has exacerbated the cyber threat problem, as companies of all sizes turned to remote work. Work-from-home is likely to stay in the foreseeable future, so these problems will persist, Botezatu says.
While most industries experience some form of cyber threats, certain sectors need to be extra cautious as they tend to be more affected than others. “Hospitals, critical infrastructure, transportation, and education are some of the most frequently targeted industries,” Botezatu says.
Take healthcare, for example. “Ransomware attacks on the sector occurred at a rate of four incidents per week in the first half of 2021, and we know this is just the tip of the iceberg, as there is a significant absence of public reporting and available data in many regions,” writes Stephane Duguin, CEO of the CyberPeace Institute.
“Health records are low-risk, high reward targets for cybercriminals — each record can fetch a high value on the underground market, and there is little chance of those responsible being caught,” he explains.
Beyond these, “Cyber-attacks have also evolved into the realm of warfare as more and more nation states are arming themselves with digital weapons in the form of zero-day exploits and technology designed for espionage or data exfiltration,” Botezatu says.
Looking at cyber threat statistics, fear is a natural response, but Botezatu assures businesses still have several ways to protect themselves. Here’s what he suggests:
Ransomware attacks can be damaging for an organization of any size. Now, cybercriminals are creating and marketing ransomware to affiliates, or Ransomware-as-a-Service, which means their attacks are more ruthless and it’s even harder to catch them.
This means a bleak future for all, unless both the business community and governments around the world adopt a more active policy. “Ransomware has become too large of a threat for any entity or sector to address alone; the magnitude of this challenge urgently demands united global action,” says INTERPOL Secretary General Jürgen Stock.
Here public-private partnerships come into play. “As ransomware becomes an increasingly important risk for the economy and society, law enforcement organizations have started partnering with cybersecurity vendors to dismantle ransomware rings,” Botezatu says. “This collaboration results in decryption tools that help victims recover from an attack without contributing to the financial success of the ransomware operator and affiliates.”
“All investigations benefit from a strong cooperation between private and public sides, where we provide decryptors for victims, perform attack attribution, and open source our intelligence findings,” says Bitdefender's Chief Security Strategist Alexandru Catalin Cosoi. “But all of that is useless if no one acts on it.. and cybercriminals walk away.”
For many years, this worked: cybersecurity reacted to attacks and mitigated the damage caused. But now, it’s not just the private-public partnerships that are changing this dynamic. Technological innovations also make it easier for defenders to proactively protect against emerging threats.
Leveraging AI and other tech like “Virtualization,” “Blockchain Networks,” and “Cloud and Quantum Computing” are among some of these future-looking tools. For instance, working with cloud computing can make data storage and protection easier, while AI can offer automatic threat detection programs to identify attacks before they happen.
With the ever-evolving threats, companies are advised to consider investing more in anti-ransomware protection as data encryption is just half of the story, Botezatu says.
“Victims often have their data exfiltrated and become subject to additional extortion, legal obligation, and ultimately, loss of reputation and/or business. Investing in multi-layered cyber-security defense increases the cost for cyber-criminals and decreases the likelihood of a successful attack,” he adds.
“Sophisticated attacks designed to evade security technology detection often mimic 'normal' processes or execute in multiple stages through multiple vectors including endpoints, networks, supply chains, hosted IT and cloud services,” Botezatu says.
“Bitdefender XEDR thwarts complex attacks by ingesting, examining, and correlating telemetry across endpoints to detect indicators of compromise (IOCs), APT techniques, malware signatures, vulnerabilities, and abnormal behaviors.” This advanced monitoring automates early detection of attack scenarios, providing security and IT staff with a single dashboard view wherever the attack started.
Learn more about how you can protect your organization with Bitdefender XEDR.
Bitdefender is a global security technology company that delivers solutions in more than 100 countries through a network of value-added alliances, distributors and reseller partners. Since 2001, Bitdefender has consistently produced award-winning business and consumer security technology, and is a leading security provider in virtualization and cloud technologies. Through R&D, alliances and partnership teams, Bitdefender has elevated the highest standards of security excellence in both its number-one-ranked technology and its strategic alliances with the world’s leading virtualization and cloud technology providers.View all posts
June 02, 2023
Don’t miss out on exclusive content and exciting announcements!