Welcome to 2020. The year has begun with a bang: itgovernance.co.uk reports that the new decade started with 61 disclosed cybersecurity incidents in the first month, affecting a total of 1,505,372,820 records. The incidents occurred as a result of various cyber attacks, ransomware, data breaches, and malicious insiders. Interestingly, human error is reported as the root cause of 88 percent of data breaches in the United Kingdom.
If that is not bad enough, the United States Justice Department has just indicted four members of the Chinese military for the 2017 hack of Equifax, where data on 145 million Americans was stolen. Pause and reread that—the United States just indicted members of a foreign military in a major cyber attack. Is your organization ready to stand up to this kind of threat? What about organized crime? Script kiddies?
Are you even at risk? Well, according to Infosec, the organizations that cybercriminals most favor include:
- Financial Services
- Government Agencies
All these organizations hold highly valuable intellectual property, sensitive records, personal data, and financial or payment records. A breach of any of them can yield a treasure trove of monetizable data.
Are cyber attacks getting worse?
In a word, YES! Cybersecurity Ventures pegged the cost of cybercrime at $3 trillion worldwide in 2015 and predicts it will double to $6 trillion by 2021. At this valuation, the cost of cybercrime globally would rank in the neighborhood of the gross domestic product (GDP) of the top five economies of the world.
In 2019, 103 government agencies, 759 healthcare providers, and 86 colleges and universities were impacted by ransomware. Some of the top attacks for the year:
- Malicious data breach costing between $100 million and $150 million
- 100 million Americans and 6 million Canadians affected
- 140,000 Social Security Numbers, 1 million Canadian Social Insurance Numbers, and 80,000 bank accounts exposed
- Norsk Hydro
- Malware attack costing at least $52 million
- Forced to shut down or isolate manufacturing plants
- City of Baltimore
- Ransomware attack (RobbinHood malware) costing up to $18 million
- Hackers demanded $76,000 in Bitcoin, which the city refused to pay
- State of Texas
- 22 local government agencies fell victim to a ransomware attack costing at least $12 million
- The hackers demanded $2.5 million in payment and the state refused to pay
- Grays Harbor Community Hospital
- Ransomware attack with $1 million demand
- An employee clicked a malicious link in a phishing email
- The Nashville-based company paid at least $300,000 in ransom to a hacker who claimed that he stole the private information of thousands of employees and more than a million customers
- The hacker was a former employee who was arrested after the company noticed a laptop was missing
What should businesses do?
First and foremost, employees are the lynchpin, the tip of the spear in cyber defense—and the weakest link. A recent article in the Harvard Business Review gives testimony to this in that “over 95 percent of all [security] incidents investigated recognize ‘human error’ as a contributing factor.” Outbreaks of “WannaCry,” “Petya,” and “Mirai,” along with “the apparent state-sponsored attacks on Equifax and the American electoral system, all started because of poor decisions and actions from end users.”
A culture of awareness, vigilance, and “if you see something, say something” is paramount in deflecting cyber attacks. And, while well-meaning and educated employees are the first line of defense, all it takes is a momentary lapse of attention or a single mistake for an attack to penetrate the network.
Outside of educating employees, there are some obvious steps to take that include:
- Documented cybersecurity policies
- Use of “strong” passwords, changed frequently
- Deployment of a firewall
- Regular data backup
- Installation of anti-malware applications
- Multi-factor authentication
How to get real peace of mind
While all these preventative measures are helpful, each endpoint is a possible attack point. Endpoint managed alert monitoring helps reduce the risk of a massive breach during an attack. IT and security staff can’t spend all their time monitoring and validating threat alerts; they have other proactive and reactive tasks to contend with. So, when an attack does come, analysts need the best analysis, forensic capture, and mitigation tools available.
Layered security is the path to peace of mind. Along with the basics, the cybersecurity journey starts with mindful and vigilant employees, supported by a hardened exterior of firewall and network security, supported by endpoint management and monitoring. By using the power and efficiency of the cloud and big data, distributed endpoint security is not just possible, but probable.