A recent McAfee report on the economic burden of cybercrime found that globally, cyberattacks cost industries roughly $600 billion in 2017. This figure is a massive uptick in a relatively short amount of time, as these same researchers estimated that cybercrime only cost $445 billion in 2014 – a $155 billion increase in just three years. Many of these daily attacks include malicious scans (roughly 80 billion per day), record hacking (780,000 per day) and new malware deployments (300,000 per day).
In general, McAfee's findings were alarming but not surprising. The broad consensus of information security specialists is that cybersecurity is an issue of growing significance. Companies of all sizes in every industry are becoming increasingly targeted, bombarded by various methods of cyberattacks by hackers with hopes that at least one data breach will be successful
When this happens, the victimized organization faces enormous financial loss, a damaged reputation and possible legal action. As the enterprise space scrambles to fight back, information has become the first building block with which to mount an effective defense. Companies without the relevant data risk being left behind or worse, committing to flawed infrastructure that will not properly protect their data.
Every piece of knowledge provides an important piece to the cybersecurity puzzle. Cisco Systems, a multinational technology conglomerate and expert in the data protection space, recently released its findings in its 2018 Annual Cybersecurity Report. This new entry found three significant developments in cybercrime within the past year.
As organizations continually innovate, they must be aware of these changing factors and adjust their defenses accordingly:
"Encryption is a tool that can be used by anyone, even cybercriminals."
The weaponization of encryption
When encryption was first unveiled, it was touted as a savior in the realm of cybersecurity. Futurism published an article that went so far as to call it "the future" of all cybersecurity solutions. With encryption, confidential data could be protected, hidden behind coding that made it theoretically impossible to be read by humans. This safeguard would prevent cybercriminals from identifying and accessing classified information and improve cybersecurity across the board.
While Futurism's assessment wasn't without merit, it missed crucial aspect of encryption: It is a tool that can be used by anyone, even cybercriminals. According to Cisco's report, malicious parties have begun to use encryption to avoid detection. This tool can shield most command-and-control activity, giving the hacker greater time to infiltrate and cause disruption within a system.
Even once a data breach is detected, companies will have difficulty identifying and understanding the nature of the cyberattack as the encryption will prevent damaging files from being easily read. In addition to utilizing this strategy, cybercriminals have also embraced the use of C2 channels backed by trusted internet services. This vulnerability includes programs like Dropbox, GitHub and Google.
Utilizing these programs makes it harder for even educated and skilled businesses to minimize the risk of cyberattack exposure.
Evolving cyberattacks with varied goals
In the past, the vast majority of cybercriminals were after one thing: confidential file access. Once these files were under their control, they could ransom the information back to its rightful owner for a hefty sum. These attacks are so common that "ransomware" is named precisely for this reason.
However, Cisco warned that these goals are shifting. While ransomware is far from dead, malware is continuing to evolve. Cisco's Executive Summary highlighted Nyetya, which was a program that masqueraded as ransomware but had another purpose altogether. It was a wiper malware program; once it gained access to its intended files, it completely wiped the contents.
The victimized organization still paid the ransom, only to discover that all information was permanently lost. This new sophisticated form of malware will be especially dangerous if it becomes self-propagating. Rapid growth of wiper malware may threaten large swaths of internet data, erasing entire company infrastructures and stores of information. This new hacker tool is a perfect example of why organizations must develop cybersecurity strategies and solutions along the right path. Misidentifying wiper malware as ransomware can be an incredibly costly mistake.
The two-front war of cybersecurity
Technology is moving at an incredible pace, and this agility is a double-edged sword. While it means improving productivity and workplace efficiency, IT teams and information security specialists are constantly struggling to keep pace. While cybercriminals can readily adapt to the latest trends and devices, data security specialists often must work in the confines of bureaucratic structure, which – by definition – typically takes time as it deliberates and works to implement the best solution possible.
Cisco in particular is worried about the realms of internet of things and cloud technology. These two fronts represent much of today's enterprise space improvements. IoT in particular has raised many security concerns as new devices enter the market every month and companies are rarely fully aware of hardware operating with their data. IoT botnets are expanding right alongside its usage, exposing businesses to dangerous threats each day.
As cybersecurity systems age, companies need quick and cost effective solutions to keep pace. Our innovative Flynet Viewer simplifies screen integration, easing the modernization process while meeting employer and staff expectations in a way that feels both familiar and simple. Review our product page to learn more about the Inventu Flynet Viewer and the other solutions in our extensive portfolio.