An estimated 2 million cyberattacks took place in 2018 costing more than $45 billion in damages worldwide. The worse part is that while cyberattacks are surging authorities are struggling to tackle the growing threat, said study released on Tuesday.
Ransomware attacks
According to the Internet Society’s Online Trust Alliance (OTA), which compiles data from the United States and other international sources, ransomware-type attacks caused $8 billion in damages last year. These attacks consisted of stealing data from a user via malware before demanding ransom in return for unlocking the data – It is believed that ransomware attacks will grow to cost $20 billion in 2021.
The report [PDF] reveals that authorities were also among victims, and cities like Atlanta and Baltimore have had to rebuild their entire computer network.
Phishing attacks
Furthermore, large losses (over $1.3 billion) were also caused by frauds involving the theft of e-mail addresses of individuals or companies, a technique known as “phishing” in which crooks send e-mails containing a malicious link or an infected document.
Cryptojacking attacks
Another type of attack which grew last year was cryptojacking or cryptomining attacks in which cybercriminals compromise a website or infiltrate a server, computer or smartphone to mine Bitcoin or Monero coins. In 2018, the cybersecurity company Trend Micro detected more than 1.3 million instances of cryptojacking code.
BEC Attack
Business Email Compromise (BEC), also known as Email Account Compromise (EAC), attacks also grew significantly in 2018. In this attack, employees of organizations are deceived into sending funds (or equivalent, such as gift cards) as a response to emails from attackers pretending to be vendors or executives.
BEC attacks doubled in 2018, resulting in $1.3 billion in losses as employees were deceived into sending funds or gift cards to attackers who use email to impersonate vendors or executives. Here, it’s worth mentioning that in December 2018, BEC attack technique was used by scammers to steal $1 million from Save the Children charity.
However, for Jeff Wilbur, technical director of OTA, the report’s estimates are conservative because many attacks are not reported.
Nevertheless, the report suggests that cybercriminals are becoming more sophisticated to target their victims, however, many attacks could have been avoided with more effective computer security.
“The financial impact of cybercrime has grown significantly,” said Wilbur, who asserted that “cybercriminals are becoming more adept at benefiting from their attacks.”
Wilbur pointed out that while some incidents demonstrate the maturing abilities of attackers, methods have been consistent over the years, often inducing someone to respond or click on fake links.
“We’ve heard about super-sophisticated attacks, but most are not so sophisticated,” he said.
This study, which collects data from cybersecurity companies such as Symantec and Trend Micro or government agencies such as the US Federal Police (FBI), is published on the same day as a report by the French Interior Ministry highlighting increased ransomware targeting large companies “capable of paying” very high “sums.’
How to protect yourself from growing cyber-attacks?
Although 100% of online security is a myth, fighting for it is a must. Here is a checklist provided by OTA which should be followed by businesses:
- Complete risk assessments for executive review, operational process, and third-party vendors
- Review security best practices and validate your organization’s adoption or rationale for not adopting
- Audit your data and review your data stewardship practices, including data lifecycle management
- Complete a review of insurance needs including exclusions and pre-approval of coverage for any third-party services (such as cyber forensics, remediation provider, PR firm, etc.)
- Establish and regularly test an end-to-end incident response plan including empowering 24/7 first responders
- Establish/confirm relationships with data protection authorities, law enforcement, and incident service providers
- Review and establish forensic capabilities, procedures, and resources (internal and third-party providers)
- Develop communication strategies and tactics tailored by the audience (e.g., messages to employees vs. messaging to media vs. notifications to customers)
- Review remediation programs, alternatives and service providers
- Implement ongoing employee training for incident response
- Establish employee data security awareness and ongoing education on privacy, incident avoidance (password practices, how to recognize social engineering, etc.) and incident response
- Understand the regulatory requirements, including relevant international requirements
“Our report findings indicate that cybercriminals are using their infiltration ability to focus on new, more lucrative attacks,” continued Wilbur. “Staying up-to-date on the latest security safeguards and best practices is crucial to preventing attacks in the future,” the report concludes.
