Cybersecurity is more critical than ever as small to large enterprises depend on digital technology for day-to-day tasks. Defending against cyber-attacks has become more challenging as attackers develop new attack methods. In 2023, phishing, ransomware, and attacks on front-facing services are still effective for them, but the ways they are carried out have changed.
The Growing Threat of Cyber-Attacks
- More than 2200 cyberattacks occur every day, one every 39 seconds.
- The global cost of cyber-attacks in 2021 was $6 trillion, and by 2025 cybercrime costs will reach $10.5 trillion.
- 83% of organizations had a data breach – according to IBM research.
Some Notable Cyber-attacks from 2021 to 2022
SolarWinds: SolarWinds was the victim of a supply chain attack that impacted thousands of customers, including government agencies and private organizations.
Colonial Pipeline: One of the most significant ransomware attacks happened in 2021. The attacker gained access to the pipeline network using only a leaked VPN password. 75 bitcoin were paid, but 65 bitcoin were recovered.
Microsoft Exchange Server: The server is usually used by large enterprises. With a 0-day exploit, it is believed that more than 18,000 organizations were compromised worldwide.
JBS: A meat processing company that suffered one of the most significant cyber-attacks. The company paid $11 million to the hacker to decrypt its files.
Okta: A digital identity firm compromised through a supply-chain attack. The data breach happened two times.
Uber: In September 2022, Uber was hacked by a 17-year-old teenager. The hacker got initial access through Uber’s VPN credentials. By exploiting various misconfigurations, the hacker discovered a PowerShell script used to access the Privileged Access Management solution. A data breach happened again in December 2022.
Microsoft: In 2021, 38 million records were leaked due to a Power Apps misconfiguration. In 2022, another breach was carried out by the Lapsus$ group. In October 2022, more than 548,000 users’ data was exposed.
Dropbox: Dropbox was the victim of a successful phishing attack that let the attacker steal 130 code repositories from GitHub.
LastPass: LastPass tries to secure us, yet a massive data breach happened two times. The attacker stole customers’ encrypted password vaults by compromising a developer account.
MSI: The most recent case, and one of the big tech enterprises to suffer a cyber-attack. The attackers stole BIOS tools, source code, and 1.5TB of databases. Source: https://www.theregister.com/2023/04/07/msi_cyberattack_bios/
Every year, many more enterprises become victims of cyber-attacks, and many of these incidents stay undisclosed. It is said that only one in seven cyberattacks is reported, and the others are kept hidden.
Average cost by industry researched by IBM:
Commonly Seen Attack Types
- Phishing Attack
- Ransomware Attack
- Supply-chain attacks
- Targeted by APTs
- Insider Threats
Phishing Attack
Attackers send fake emails that appear to come from legitimate sources. Often these emails contain malicious links or infected attachments that help the attacker compromise victims. This is the most common attack and will be around for a while.
90% of cyber-attacks start with phishing, and 90% of successful cyber-attacks are caused by human error.
Ransomware Attack
Ransomware is a type of malware that encrypts all files or folders on an infected computer or server. The attacker demands a large amount of money to decrypt the files. Large enterprises are common targets for ransomware attacks, but recently small to mid-size businesses have also been targeted. Attackers install this malware through social engineering, phishing attacks, or by exploiting vulnerabilities for initial access.
Third-party and Supply Chain Attacks
Attackers can exploit weaknesses in third parties and the supply chain, such as the organization’s external partners, vendors, or service providers, to gain initial access. The SolarWinds cyber-attack had a massive impact on other organizations using its product.
Targeted by Advanced Persistent Threats
Advanced Persistent Threats (APTs) are well-funded and highly skilled attackers, often backed by organized crime groups or sponsored by states. APTs often target large enterprises and try to compromise them by exploiting vulnerabilities, social engineering, phishing, or other means.
Insider Threats
Trusted individuals, such as employees and contractors, can be a security risk for an organization. Malicious insiders can steal data or collaborate with external attackers.
Implication for Businesses
In this evolving cyberattack landscape, global attacks increased by 38% in 2022 compared to 2021, according to Security magazine. Cybersecurity is no longer optional for small to large enterprises. Our advice for your business:
- Measure your security posture: It is now essential for organizations to do a risk assessment, perform a vulnerability assessment and penetration testing by an external provider, provide employee training, and implement an effective incident response plan.
- Security Awareness: Employees are crucial in the defense against cyber threats. It is important to train them on best practices, such as detecting phishing emails, and how to keep personal devices safe.
- Implement Security Policy: The organization should develop and enforce security policies that cover data backup, incident response, and access control.
- Use the right security software: To secure the network, the organization should use firewalls, IDPs, antivirus and antimalware software, and VPNs for remote access.
- Simulated Testing: Simulate real-world attacks to measure the overall security posture.
In summary, an organization can’t be secured by security software alone, without finding and fixing its weaknesses. By partnering with a dedicated cybersecurity service provider, it is possible to measure and enhance the overall security posture of an organization.