For years, cybersecurity experts have warned of attacks that could directly impact businesses. However, many businesses push preparations for potential attacks to the backburner behind what are perceived as more pressing day-to-day priorities. Now, the threat is all too real as cybercriminals become more sophisticated and targeted with their attacks using ransomware to take down critical infrastructure and exploit organizations for money.
COVID-19 Changed Cyber Priorities
The pandemic has weakened threat preparedness across all industries. As workers moved into off-site environments, hackers had many new and vulnerable points of entry to use to their advantage. Every day, hackers gain more tools and develop improved strategies to bypass corporate firewalls more easily and access confidential data. The pandemic changed our work environments rapidly and a lack of rigor around security protocols has left many businesses at greater risk than ever before.
A recent hack disabled the entire U.S. eastern seaboard when fuel supply was shut down after a gang of criminal hackers broke into a company’s security system. The pipeline provides a significant supply of gas to the east coast and because of the shutdown, millions of people were left without access to gasoline causing panic amongst consumers.
The breach brought ransom attacks mainstream and put a spotlight on the serious implications that a security attack could have on our way of life. Attacks on critical infrastructure, such as utilities, telecoms, healthcare, emergency services, etc. are expected to increase, fueling changes in national cyber doctrines and the defense measures that states will take.
These kinds of attacks certainly won’t be the last. As the world emerges from the pandemic, expect to see escalating supply chain attacks. In fact, a worrying indicator shows that 53% of organizations are not prioritizing investments in supply chain security.
Private Companies, Retail Sector Show Increased Risk
President Biden recently signed an executive order to help strengthen the federal government’s cybersecurity defenses which is a significant step towards prioritizing cybersecurity. Where the government has taken such strides, the private companies are still playing catch up.
A global study commissioned by Wipro found that during the past year, 86% of all nation-state attacks in 2020 were classified as espionage, with 46% of them targeted toward private companies. The study also indicated that certain industries like healthcare, energy and manufacturing have become more prominent targets of cyberattacks. The retail and consumer sectors, for example, carry the highest risk: Forty-seven percent of all suspicious social media profiles and domains were active in the retail and consumer sectors.
Further indicating that the pandemic has fueled the rise in cyberattacks, INTERPOL found that between January and April 2020 some 907,000 spam messages, 737 incidents related to malware and 48,000 malicious URLs, all related to COVID-19, were detected by one of INTERPOL’s private sector partners.
Cybercriminals are becoming more sophisticated in their attacks and the ease of which they can conduct an attack increases each day.
Brands in these sectors increasingly worry about the fallout of breaches as 75 % of enterprises said they are concerned a bad cyber event could lead to a damaged brand reputation in the marketplace.
AI and Machine Learning Are the Future
As businesses search for solutions to cybercrimes, many have turned to AI, machine learning, and the Internet of Things. Often organizations have little faith in their ability to safeguard data successfully as 59% of organizations surveyed understood their cyber risks, but only 23% were confident they could prevent cyberattack.
Cutting-edge technologies like automation are essential for businesses to improve detection, triage, and response time in the instance of a possible attack. That may explain why 35% of organizations said their cyber-investments are focused on security automation, the top priority among several surveyed.
It is imperative that more organizations work toward implementing dynamic solutions to combat against cyber-attacks by building a first line of defense that frees up manpower and creates efficiencies.
- Assess the current state of your security network and solutions to identify areas of strength and vulnerability.
- Review your IT architecture and patch workstations, implement multi-factor authentication and privilege account management wherever necessary.
- Strengthen the existing operational technology (OT) and IoT environments using network segmentation and updated policies.
- Implement a strict security awareness program that allows all employees to be active participants in the ongoing cybersecurity hygiene of the organization.
- Ensure business resilience and continuity by having a robust Incident Response and Crisis Management structure in place that puts equal focus on response and recover in addition to detection and prevention. The primary step in the cyber resilience journey is to assess the current IR preparedness to detect, contain, recover and investigate into security incidents followed by assessments (tabletop exercise, scenario based assessments, etc.) in adherence to industry standards like NIST, MITRE ATT&CK and SANS Framework. Make sure to implement advanced backup technology, which will protect backups from ransomware and recover data when necessary.
The pandemic of the past 2 years has proven to be a significant disruptor, bringing to light the many flaws in cybercrime preparedness across several industries. However, opportunity exists for government and business leaders to repair the cracks and prepare for the future. Underpinning good automation with best practices will ensure that organizations are set up for success against future attacks.