Over the past two years, ransomware numbers have gone down significantly, but as their numbers decline, cyber attacks have increased significantly. With new hacking advancements, enterprises must prepare for future cyber attacks. There are a number of ways to prevent these attacks—from spreading awareness to developing active defense strategies.
ISACA’s State of Cybersecurity 2018 report culled findings from 2,366 respondents in healthcare, technology/consulting services, finance, and many other fields. According to the research, 50% of the respondents have experienced an increase in cyber attacks and a drop in ransomware attacks. Forty-five percent of respondents experienced a ransomware attack this year, compared to 62% in 2016.
Cyber Attacks on the Rise
Eighty percent of the ISACA survey respondents expected that they will experience a cyber attack this year. Despite the increase in number, the techniques used by attackers remain the same—phishing (44%), malware (38%), and social engineering (28%). It is also worth noting that most threat actors were cyber criminals (33%), hackers (23%), nonmalicious insiders (14%), malicious insiders (11%), nation states (10%), and hacktivists (6%).
Ransomware attacks are no longer a lucrative pursuit, which explains its decrease. Cryptocurrency mining malware is now a more popular and more insidious method. It generates little financial return, but takes advantage of a person’s computer so it can contribute to CPU cycles for mining. Cryptocurrency may be a more prevalent scheme in the future because it can operate and generate value for an attacker without active access to an unknowing person’s computer software.
Push for Preparedness
Half of the respondents said that most of the cyber attacks involved extortion for money, although the frequency has declined. People are now more vigilant and prepared for these kinds of intrusions. More ransomware countermeasures are also widely available.
Ransomware attacks have dropped as people now refuse to pay ransoms. Ninety-two percent of the respondents indicate that they do not have the capacity to pay off these ransoms. Ninety-six percent also said they don’t have a supply of cryptocurrency for any ransomware payments.
Eighty-six percent of the respondents said they now have strategies in place to thwart cyber attacks. Seventy-eight percent now follow a formal process to deal with attacks, compared to last year’s 53%. Companies are also providing employee awareness training to better spot any oncoming breaches, which include ransomware.
The survey also indicated that threat intelligence is used more, but respondents are not familiar with active defense. Active defense strategies demonstrate high success levels when implemented. Active defense systems, such as CryptoMove, make information more difficult to attack, steal, and destroy, by moving, distributing, and re-encrypting data distribution. Some active defense systems leverage on deception and honeypots, which trick and confuse attackers with traps and advanced forensics.
Recent Notable Cyber Attacks
Massive companies that have complex security systems are no exception to attacks. In May, Chile’s largest financial institution, Banco De Chile (BDC), was attacked. The cyber attack shut down 9,000 workstations and 500 servers as a cover-up to illegally funnel $10M to accounts in Hong Kong. The attackers managed to complete four separate fraudulent transactions before they were discovered. They also used a highly damaging wiper malware that totally deleted disk information. It took almost two weeks before the bank resumed its services.
On the same month, Mexico’s Bancomext was also the target of a cyber attack where $18–20M went missing. Similar to BDC, illegal transactions went through SWIFT, a network for international bank transfers. Hackers infiltrated the network through an activated malware after an employee engaged with a phishing email.
Preventive Measures for Future Cyber Attacks
TrendMicro released suggestions and best practices to mitigate the destructive capabilities of malware:
- Identify and address security gaps
- Regularly patch and update networks and systems to remove exploitative vulnerabilities.
- Create strict patch management policies and regularly back up data.
- Secure mission-critical infrastructure
- Secure infrastructure where personal and corporate data are stored.
- Enforce the principle of least privilege
- Restrict access to mission-control data and only to system administrators.
- Proactively monitor online premises
- Deploy additional security mechanisms like firewalls and intrusion detection systems.
- Foster a culture of cybersecurity
- Train employees to be mindful of social engineering attacks in the form of spam and phishing emails.
- Create a proactive incident response strategy
- Implement incident response strategies that provide concrete actions about threats.
A Global Issue
Enterprises and large institutions could be at risk for cyber attacks. Vulnerable institutions put their customers and clients at risk. These could cost them huge losses in the business and customer base, immense network repair, and compensation for those affected. Companies should invest in cyber security as any security problems could easily escalate to a national security issue, or even terrorism. While cyber risk is not quantifiable, its results definitely are. They could avert any risks if there are strong security measures in place. And this doesn’t only apply to large companies, but to small business as well. In 2015, 43% of cyber attacks targeted small businesses. Cyber security tech is continually evolving and changing, and professionals must be cognizant of this fact by putting value in their own cyber security policies and defense plans.