Inflation has been a (not so) hot topic over the past year. As prices rise on grocery store shelves, unfortunately so do ransom costs because cybercriminals have bills to pay too. The following piece by Ntirety CEO Emil Sayegh was originally published in Forbes.
The Combined Peskiness Of Inflation and Cybercriminals
Not a day goes by where hackers are not making American lives worse. From fraud to ransomware, from data leaks to compromised passwords, it’s another serious problem for all of us to deal with. Lately, both business leaders and the public have become concerned with hyperinflation. Nobody likes it, but it is here— and as it is with most changes, a bit of upheaval will follow. Beyond the personal economic impact, there are serious cyber implications as well and it all leads to an uncertain future.
Paying More for Cyber Crime
I hate to tell you this, but hackers pay bills, too. Inflation is a factor of our national economy and when it surges as it has in the last several months, it carries a significant impact to everyday life and can cause significant disruptions. Prices increase across the board and in time, they will affect just about everything around us. That goes for the cost of cloud computing, software, support, and yes, hackers.
Hackers, while arguably the lowest forms of life, live with the rest of us. They are not tucked away on a secret island somewhere with an independent economy. I am not attempting to incur sympathy for the increased financial burden for hackers and cybercriminal groups, however we must consider what is surely about to happen in terms of their cost of operations, cost of living and continuation of their raw activity returns.
- 2021 saw a 17% increase in publicly disclosed ransomware attacks, while certain sectors such as retail saw a 100% increase in attacks.
- Ransom amounts increased tremendously in 2021 with the largest ransomware payout being made by an insurance company at a whopping $40 million, setting a world record.
- Faced with mounting power, computing, and living costs, ransomware event frequency will increase, while the target size of companies will continue to decrease.
- Attack selection will focus on time and location where targets are the most vulnerable.
- Based on dire financial situations in certain areas of the world, a new, much younger generation of hackers will arrive and join the cause.
- Attacks will continue to become easier to implement.
- New attack vectors will be discovered, most likely after a major attack.
- The number of weakened organizations will increase. Faced with financial pressures and mounting costs, organizations may cut corners or delay security preparedness.
- Virtual currency, the preferred payment channel of cybercriminals, will swing wildly as incidents play out.
To put it simply, the market for cyber attacks is exceedingly lucrative for those that ply within that trade. And a climate of financial pressures and supply chain issues are nothing more than an opportunity for cyber criminals to turn up the heat. It is a perfect storm that pays favor to cybercrime.
As a matter of definition, cyber attacks seek vulnerability. Optimal timing is a major factor found in the aftermath of an attack incident. In many cases, intrusions occur on some vestigial digital component— such as an environment that was slated to retire but never quite made it, an unpatched, lightly-managed server, or those couple of dozen users who refused or were unable to migrate their workstations.
Cyber Attack Targeting is Limitless and Without Morals
Technical deficiencies aside, the industry position of a target could also be what makes it a target in the first place. These are crimes of opportunity that seek to maximize their potential leverage in burdened industries. For example, at the moment people are feeling the inflationary impact at the gas pump, at the grocery store, at their favorite restaurants and in many retail situations. Cybercriminals are actively selecting their targets on the greatest potential to exploit legacy security systems and to maximize their potential returns. In general, not all industries are as ready as others for modern cybercrime threats.
Cybersecurity into the Boardrooms
More than ever, security is a critical facet of company success— and survival. It has become an existential threat with 40% of hacked companies not being around a year after a data breach. Chief Information Security Officers at major companies are now invited to the boardroom. They must because most expect to be the target of ransomware attacks in the coming year. Actions are becoming more proactive, to get ahead of potential attacks. More importantly, risk concerns are serving as the catalyst that is fueling cyber-attack response capabilities including funding the implementation of new technologies, security missions, and supplemental services and partnerships. While slowly, priorities are generally building in the right direction and that’s a good thing.
Weathering the Surge
Not every company however is as big or in a position to respond alone to the incoming surge. Talent and vision can be rare throughout the industry, but the framework of where threat readiness is readily available.
Technical controls and practices for vulnerabilities are available throughout the front lines of cloud, email, endpoints, and on-premise environments. These components will ideally feature behavior detection, centralized reporting, and some level of automation. Defense strategies should be built around the detection and notification of lateral movements and must always expose the leakage of data across all possible exit points.
One of the most valuable tools available in the preparedness arsenal is backups. Organizations should have a comprehensive security strategy that includes recovery. A disaster recovery solution, as well as a regular test of backup data ensures that backups can be accessed in case of emergencies. Further, we can prioritize around key systems and keep sensitive records isolated whenever possible.
Finally, consider increasing focus on more comprehensive and holistic security practices. Consider threat modeling, gap identification, and risk analysis in the overall security plan. Implement services and consultation with qualified, experienced parties that truly live and breathe these cyber threats. Focus on the training and education of your administrators and users. Investments in security today, under any financial situation, will pay dividends when things turn rough.
Check out this piece, originally published in Forbes, here and follow me on LinkedIn.
