Whether a mom and pop shop or multinational corporation, businesses and organizations of all sizes are vulnerable to cybersecurity threats that can slow productivity and cost you dearly. With many businesses forced to speed up their digital implementation timelines to meet the demands of the ongoing COVID-19 pandemic, it's no surprise that cybercrime has accompanied this push for innovation.
The consistent presence of cybersecurity threats at all levels, across the world, was made clear by a recent roundtable held by the Brookings Institute's Asia Transnational Threats Forum series that discussed the growing impact of cyberattacks on the region. Much of the discussion focused on the rapid changes in cybersecurity forced by COVID-19. The discussion comes as new reporting from CBS unpacks the growing threat of ransomware on small businesses, health care providers and schools here in the U.S.
No matter the size of your organization, tightening up basic cybersecurity measures can go a long way toward cutting down on cyberattacks, including common threats like ransomware and phishing.
Attacks on organizations of all sizes
International businesses aren't the only group feeling the deluge of new cyber threats. In particular, small businesses, health care organizations and government agencies have been impacted by a growing number of new and creative forms of ransomware and phishing scams. According to the CBS affiliate station in Miami, ransomware attacks "are on the rise during the pandemic." The news agency noted several serious cases in which poor cybersecurity setups or insufficient employee awareness had devastating results. In Huntsville, Alabama, for example, teachers were forced to abandon digital learning, in favor of printing lessons out, because of a ransomware attack on the school district's network. Other similar attacks have been carried out against school districts in Baltimore County, Maryland and Hartford, Connecticut.
As exploits have increase in numbers, they've also become more damaging. According to research from the cybersecurity company SonicWall, the average payout of a ransomware attack has increased rapidly in just a few years, from only a few thousand dollars in 2018 to about $230,000 in 2020. For some organizations, that's simply too steep a price to pay.
The rise in ransomware started long before the pandemic, but has increased in recent months. According to research from Purplesec, ransomware attacks increased by 350% in 2018. Hackers are also continuing to develop new attacks at a rapid clip, with new ransomware variants growing 46% in 2019 and 68,000 new ransomware Trojans discovered that year on mobile devices alone. While innovation continues to be the name of the game for hackers, many threats are still build around exploiting vulnerabilities in some of the most common coding languages out there, such as Java.
An international impact
As cybersecurity impacts organizations across the country, discussions at the Brookings Institute demonstrate that many of the trends seen in America are true across the globe. According to David Koh, chief executive of Singapore's Cyber Security Agency, the COVD-19 pandemic has lead to rapid digitization that has left both private- and public-sector organizations in a vulnerable position. The result has been "a global surge in malicious cyber activities."
"like the coronavirus, cyber threats are borderless and asymmetric," said Koh.
Other experts on the panel echoed Koh's sentiments and looked ahead to the future, as the global economy returns to some semblance of "normalcy." In addition to covering the surge in cybersecurity threats, the panel examined the changing role of technology in society, the use of big data and the ways nations have handled online discourse and restricted free speech. Other roundtables have discussed other issues like counterterrorism and climate change that are important to the region.
Vulnerabilities with Java
If you depend on technology to get the job done, and there's a good chance you do, your business is vulnerable to cyber attacks. That means whatever industry you work in, and wherever in the world you are, proper cybersecurity should be a priority. One of the easiest and most important ways to shore up your network is by getting rid of tools that rely heavily on unsecured, open-source Java code. The programming language's widespread use means that its vulnerabilities are well known by hackers and easy to exploit.