New technology and digital advances enable firms to grow their businesses faster than ever. Cybercrime is also evolving and growing at a similar pace and continues to threaten and limit this potential. Recently the U.S. Director of National Intelligence ranked cybercrime as the top national security threat — higher than that of terrorism, espionage and weapons of mass destruction. In 2015 alone, Symantec discovered more than 430 million new unique pieces of malware, up 36% from the previous year. Cyberattacks are no longer a question of if — they are simply a question of when.
Losses from cyberattacks can be significant. Financial costs alone can be in the millions. Some larger firms have reported losses associated with a cyberattack in excess of $100 million. But cyberattacks don’t just affect the bottom line. They can also seriously damage a firm’s reputation and business continuity efforts. According to one 2015 survey, only 36% of companies that experienced a cyberattack chose to report it to authorities. For cybercrimes involving extortion, many companies chose to pay the attackers in bitcoin to avoid publicity and potential reputation damage.
Today’s cybercriminals are proving adept at creating new ways of committing classic crimes. One of the newer malware threats affecting businesses and individuals alike is ransomware. In 2015 alone, reported incidents of “crypto-style” ransomware grew by 35%, according to Symantec. This variant of ransomware is a family of malware that takes files on a PC or network storage, encrypts them and then extorts money to unlock the files. For business entities, the sums demanded are often in the five figures. Furthermore, when ransomware is present, the targeted computer will not only encrypt local files, but often attempt to encrypt files on other network-connected devices and locations as well.
Ransomware has also evolved in recent years and moved beyond the PC to Macs, smartphones and Linux systems. Experts predict that smartwatches and televisions will also be susceptible to ransomware attacks by year-end.
Peeling the Onion
Onion-layered incidents have also emerged in the last year as a top cyberthreat for businesses. While teams address a primary cyberattack, such as a distributed denial of service (DDoS), a secondary attack — often far more damaging — is uncovered. This type of multi-layered attack can require a large amount of resources and time to investigate and resolve, as the security team must peel back layers of information (the “onion”) to establish the root of the problem.
Use of Tor (The Onion Router) makes things even more difficult for security teams because of the anonymity it provides by encrypting traffic and randomly forwarding it through a multi-layered network of relays.
The Insider Threat
Technology is not the only threat in the world of cybercrime; often those who use it can pose a significant threat as well. According to a recent IBM report (2015), 60% of all cyberattacks were carried out by insiders, either ones with malicious intent (44.5%) or those who served as inadvertent actors (15.5%). These inadvertent actors can set off massive security breaches simply by clicking a malicious link, answering a phishing phone call or plugging in a thumb drive that hasn’t gone through proper security screening. This type of threat can be mitigated through better training and policy enforcement at all levels of the organization.
What’s a Good CISO to Do?
Effective security leaders recognize that cybersecurity is not simply an IT responsibility, but rather a strategic imperative. Safeguarding digital assets — intellectual property, customer information, data — is the responsibility of the entire organization and should be part of the firm’s overall risk management program. Furthermore, since firms of all sizes are dealing with the same types of cyberthreats, collaboration and information sharing are both critical to combat these threats effectively.
While it may not be feasible for businesses to avoid every possible cyberthreat, developing a comprehensive approach to cybersecurity — one that includes an action plan and trained responders — is a big step in the right direction.
For information on how your company can better identify risks and determine cyber preparedness, check out the Federal Financial Institutions Examination Council’s cyber assessment tool.