Emerging Cyber Threats and Rising Cyber Security Risks for Organizations

In this digital era, the internet has facilitated the quick adoption of technology by businesses making online transactions easier. However, with increasing digitalization, the number of cyber-attacks is on the rise. It seems organizations are not fully equipped to manage IT security and tackle security threats to their business operations. Cyber-attacks can adversely impact businesses as they can compromise sensitive data and disrupt operations causing detrimental consequences. Nowadays, hackers understand these cyber vulnerabilities and know how to exploit them. Hence, businesses need to rethink their cyber security strategy in order to cope with the growing menace of cybercrime and reduce cyber risk.

Let’s take a look at the recently reported global cyber-attacks:

Several countries were hit by the “Wannacry” ransomware attack in May 2017 that locked the computers and held users' files for ransom at a multitude of hospitals, companies, and government agencies and affected more than 100,000 organizations in 150 countries. According to experts, the attack was caused by a self-replicating piece of software that enters organizations when employees click on email attachments which then spreads quickly and internally from computer to computer when employees share files. Affected users can restore their files from backups, if they have it, or pay the ransom; otherwise they would risk losing their data entirely.

About a month after WannaCry ransomware attack, a new wave of ransomware called ‘Petya’ targeted many businesses across the world, including India and Europe. Several companies in the UK, Russia, Ireland, France, and Spain, suffered this cyber-attack in June 2017.  The malicious software spread through large firms in these countries and the firms confirmed that their computer systems crashed following the attack. Furthermore, in the month of June, Chinese malware Fireball infected over 250 million computers across the world and its biggest victim was India, followed by Brazil. The malware manipulated the hijacked browser in order to turn the default search engines into fake ones. It was designed to run any programming code on the infected computer and download files. Thus, it was capable of spying on users of infected computers and installing more malware. Such cyber spying could also lead to theft of banking credentials, patents, and other confidential data.

Cyber threats have changed drastically over the past few years. Top trends in cyber security risk include:

• Intellectual property theft (IP theft involves stealing people or companies of their ideas, inventions, and creative expressions, known as “intellectual property” which could include everything ranging from trade secrets to proprietary products),

• Cyber extortion risk (cyber extortionis a kind of cyber-attack coupled with a demand for money to avert or stop the attack),

• Malware and ransomware attacks (malware or malicious software, refers to a variety of forms of hostile or intrusive software, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, scareware, and other malicious programs etc., which act against the requirements of the computer user, and it is specifically designed to disrupt, damage, or gain unauthorized access to a system),

• Industrial IoT technologies hacks (hacking - a practice of modifying or altering software and hardware technology to accomplish a goal that is considered to be outside of the creator's original objective),

• DDoS attacks (a type of attack where multiple compromised systems, often infected with a Trojan virus, are used to target a single system causing a Denial of Service (DoS) attack. Now, in a distributed denial-of-service attack (DDoS attack), the incoming traffic that floods the victim’s system originates from different sources. This effectively makes it impossible to stop the attack simply by blocking a single source), and

• Data breach (a security incident in which sensitive or confidential data is viewed, copied, transmitted, stolen, or used by an unauthorized individual).

  
  

Cybersecurity is constantly evolving and it is important for IT security departments to stay updated on the latest kind of threats. One of the crucial steps in cybersecurity management is to understand security risks in the context of business. It is critical for the businesses to implement appropriate control over their infrastructure security. According to Ernst & Young’s Global Information Security Survey 2015, more than 50% of organizations consider their own employees as the most likely source of cyber-attacks, a reported increase of 12% from 2014. In most cases, employees disclose sensitive information and compromise on security unintentionally. This implies that cybersecurity awareness and education is one of the most important steps in reducing the cybersecurity risk posed by the employees. Firms must instruct employees to not open unknown attachments and personal emails on firm computers/laptops and they should not download or open any unauthorized software. Another vital strategy should be using a robust identity and access management system which could help in limiting the threat of cyber-attack by limiting the employees’ access to sensitive data.

With the IT landscape in organizations growingly increasingly complex, it is crucial that the data security teams choose the right processes and tools to safeguard themselves from potential cyber threats. The need for safe and secure network architecture is a necessity. It is necessary to have backup of important data on a removable hard drive. Given the rising incidences of cybercrime globally, suppliers/vendors/third parties should also be instructed to regularly test their networks for vulnerabilities and potential security risks. They should invest in technology that includes antivirus, spyware, intrusion prevention etc. and also use an efficient firewall. If the contract with the supplier/third party provides for it, then clients should ask for reports from internal audit of security, Business Continuity Plan (BCP)/Disaster Recovery (DR); as well as conduct their own audits.

Please visit our previous blog titled “Global Ransomware Attack Cautions Organizations to Increase Security of Critical Systems” to understand more on Ransomware attacks and how to minimize these impacts.