Businesses, industries, or even the world is becoming more digital and interconnecting more than ever, including the risks associated with a digital world. Digital services, processes, and systems are all a part of the bigger global cyberspace. Cyberspace is a complex environment where interaction between people, software, things, and services comes together.
Cyberattacks can affect a business, society, the economy, and even the world just as severely as the financial crisis of 2008 and the COVID-19 pandemic. The World Economic Forum is already warning to prepare for a cyber-COVID pandemic. The recent U.S. oil pipeline DarkSide ransomware attack that forced the shutdown of a major gas pipeline that supplies 45% of all fuel consumed on the East Coast is a clear warning to prepare for such an event.
Cybercrime and attacks are already an upcoming threat, but with COVID-19, it has become a significant problem for governments, corporates, small businesses, and consumers. Worldwide the ransomware attacks, for instance, soared and grew 485% in 2020 when compared to 2019.
In the Netherlands, there are 1.344 reported cases of breaking and entering. However, there are 1.896 registered cybercrime incidents reported. Research about the Netherlands shows that in 2018 63% of data leaks were caused by staff who passed data or send personal details to the wrong person. Only 4% is because of malware, phishing, or hacking attack.
Every organization is a potential target
Potentially every organization can be a target for cybercriminals. The sorts of targets can vary between countries or because of the difference in goals among cybercriminals. The top sector of the Netherlands is a target for industrial or economic espionage, and national governments are interested in political intelligence. Vital processes are a popular target for sabotage, and of course, wealthy organizations are a favorite target of cybercriminals that want to earn money.
Cyber-attackers shift focus to SMEs
There is a switch from big corporate organizations being the primary target and victim of cybercrime to increasing cyberattacks against small and medium-sized organizations.
Security companies like EYE-Security have noticed a growth in attacks on SMEs.
The SMEs that work with sensitive information are the initial target of cyberattacks. These types of ransomware attacks are a relatively new development in the cybercrime world. Job Kuijpers, CEO of EYE, said that this extortion method was hardly ever used before in SMEs; now, it is the standard form of attack.
Organizations can serve as a steppingstone
Cybercriminals also attack organizations to get access to the data of other organizations. An organization that is a global supplier with massive personal data storage is an ideal target.
These concerns, for example, suppliers of hardware and software, vital processes, such as those of telecom companies, or organizations that collect and process personal data on a large scale, including medical and employee data.
Criminals actively search for weak links in business chains as a steppingstone to (more) attractive targets. Sectors or organizations that seem to be of no interest for direct attacks can still prove valuable to obtain an entry position to attack another primary target.
The secondary targets are a threat to your business because of gaps and vulnerabilities in their processes and systems —for example, system failure due to technicality, unpatched servers, or unintentional/ intentional error by employees. Employees are a considerable security risk, 90% of the data breaches in 2019 result from human error. The years before, employees accounted for 61% and 87% of the data breaches.
On top of all the reasons why relatively small organizations are a target, they need to level up their security to keep up with the fast and continuous developing cyber-criminals.
The fifth generation of cyber-attacks
Now, the 5th generation (Gen V) of cybercrime is fully developed. This generation of sophisticated multi-vector attack types can hit network, endpoint, mobile, and cloud environments as part of well-coordinated campaigns, which is significantly more disruptive than the traditional virus attacks because of their enormous impact. Also, cybercriminals specialize in different areas of the cybercrime market. Specialized criminals are another reason why cybercrime progresses at a much faster rate. Inexperienced criminals can almost immediately get to work because all the tools are easy to access, even including support or offering attack as a service.
Some examples of this specialization mentioned by KnowBe4 are:
- Cybercrime has its own social networks with escrow services
- Malware can now be licensed and gets tech support
- You can now rent botnets by the hour for your own crime spree
- Pay-for-play malware infection services that quickly create botnets
- A lively market for zero-day exploits (unknown vulnerabilities)
Many organizations’ security levels are lagging and are at the 2nd and 3rd generation maturity and struggle to keep up with today’s attacks’ sophistication and development speed.
In the next 8 to 15 years, quantum computing will threaten our security system based on the applied public key encryption algorithms. Quantum computers can potentially undermine the whole security system, the economy, communications, transportation, banking, energy, and other critical systems. For the time being, criminals can copy and store sensitive encrypted data for decryption in the future by quantum computing.
Five measures for better protection
Most organizations are protecting themselves with generation 2 and 3 security measures. For these organizations, it is time to step into the fifth generation of security. Below are five guiding principles that will help in the process to defend against the 5th generation cyber-attacks:
- Real-time threat prevention: defend your organizations from attacks with real-time threat prevention so you can act before the actual infiltration of your organization.
- Consolidated security system: simplify complexity resulting from gaps and fragmentation from point solutions to prevent your organization from complex cyberattacks effectively. And reduce the cost of remediation.
- Single pane of glass: a central security management environment that manages and monitors all integrated security components and responds to all security activities and events as a single, unified security system.
- Up-to-date threat intelligence: collect and share threat intelligence in real-time throughout the system to prevent zero-day attacks. Threat intelligence must cover all attack surfaces, including cloud, mobile, network, endpoint, and IoT.
- Security awareness training: Turn your employees from your biggest security risk into a line of defense with security awareness training by providing them with the required knowledge and essential guidelines to identify and respond to cyber threats.
With these precautions, you will make it more challenging for hackers and cybercriminals to find a weak spot in your organization.