
Cyber Attacks – The Plague of the 21st Century

Cybercrime has for some time been a topic of discussion not only among new technology experts, but also among politicians and economists. Cyber-attacks and related criminal activity have become a real plague of the 21st century.

Global costs of cyber attacks

This is unsurprising, as the worldwide damage resulting from cyber-attacks amounts to some 6 billion dollars in 2021. If this figure were compared with the size of the world’s largest economies, it would take third place behind the USA and China. However, that’s not all. Analysts from Cybersecurity Ventures predict that the global costs of cybercrime will grow by 15% annually for the next five years, reaching a total of 10.5 billion dollars. It’s worth remembering that in 2015 the figure was 3.5 billion dollars.

The losses caused by hackers are greater than the damage caused every year by natural disasters. Paradoxically, the activity of hackers will soon be more profitable than the worldwide trade in all major illegal narcotics combined. It’s worth explaining that Cybersecurity Ventures includes the following in costs generated by cybercrime:

  • damage to and destruction of data
  • stolen money
  • loss of productivity
  • theft of intellectual property, as well as personal and financial data
  • embezzlement
  • fraud
  • disruption to normal activity following an attack
  • criminal investigations
  • restoration and removal of hacked data and systems
  • damage to reputation

The data presented above shows that hackers, to put it colloquially, often laugh behind the backs of IT department managers. There are even paradoxical situations in which MSP firms providing security services fall victim to attacks. In March, criminals encrypted data belonging to the American integrator CompuCom. The incident cost the firm around 30 million dollars. This was made up of expenses related to dealing with the problem, as well as the suspension of some services. To rub salt into the wound, the integrator, which provides threat identification and removal services, was still unable to restore its infrastructure two weeks after the incident. Another issue is damage to the service provider’s reputation, which will make it tough not only to attract new clients, but also to retain existing ones.

This is not an isolated case, with other well-known firms such as Garmin, Canon and CD Projekt also falling victim to cyber-attacks in the last few months. So why are firms that employ security specialists and spend considerable amounts on IT protection losing the battle against cyber criminals?

Difficult tasks of cybersecurity officers

Company IT departments have to be ever more flexible and cunning in order to outwit the cyber criminals. The problem is that the latter are often smarter. One of the causes of this state of affairs is misplaced investment in security systems. Even high-class specialists can lose the battle against a dangerous opponent if they are not given good weapons. There are a variety of reasons for misplaced investments. Firstly, cyber security is an extremely broad topic. According to the Wikipedia definition, it includes techniques, processes and practices used to protect IT networks, hardware, software and data from attacks, damage and unauthorized access. This is why the selection of suitable tools and security strategies is becoming harder every year, not only due to the excess of available solutions, but also due to the growing amount of data.

However, the majority of companies rely on standard, threat-targeted security solutions for their protection. If we believe the results of research by the Ponemon Institute, the most commonly used tool for protecting end devices is traditional antivirus software (76%), followed by tools for update management (57%). These systems monitor network traffic and react when malicious software is detected. Reformers argue that this is an outdated strategy that is no longer fit for purpose due to the increase in the number of employees using mobile devices and the expansion of cloud services.

Often, firms rest on their laurels, assuming that taking any action related to security will ensure them peace of mind. However, the current situation makes it important to keep up with trends in IT threats, analyze the behavior of employees, monitor infrastructure and implement new solutions and security policies. Some providers encourage users to implement unified security systems, which helps to sort out the chaos caused by the use of too many products.

Is a large number of tools better protection against cyber attacks?

Cisco has observed that the average firm uses over twenty protection tools, often making it impossible for IT teams to manage and integrate such a large number of solutions. This has prompted some software producers to develop initiatives for combining backup systems and anti-malware in a single solution. Just one agent is installed on end devices, so the user only has to learn a single interface, and the administrator has one management console. The firm Acronis is a pioneer in this field.

In turn, producers such as G-Data and Symantec provide disk space as part of the Norton AntiVirus package for creating backups. On the other hand, some cyber security specialists encourage organizations to invest in systems like DLP (Data Loss Prevention), UEBA (User and Entity Behavior Analytics) and EDR (Endpoint Detection and Response). As if that wasn’t enough, computer manufacturers are now in on the game, tempting clients with packages that include security services. The end result of all this is that firms will have to add another element to their IT protection arsenal.

Cybersecurity – the weakest link

It was 30 years ago that Kevin Mitnick admitted he broke people, not passwords. Not a lot has changed since that time. It is estimated that around 60% of data breach incidents are caused by employees. They sometimes make mistakes unintentionally, but there are cases of deliberate action intended to damage the company. You can also read about the impact of the pandemic on the security of business data in our blog – The Big Shift. COVID-19 and IT. There’s a good reason why they say that humans are the weakest link in security systems. So how can this be dealt with?

Specialists from around the world have been racking their brains over the issue. Some are convinced that one of the most effective methods is education. But years of experience have shown that this is only a half measure. Rebecca McKeown, an independent chartered psychologist and advisor to Immersive Labs, told the Search Security portal that one serious problem is people’s attitude towards teaching and training. It almost always follows the same pattern: you go on a course, get your certificate and go back to work. However, it is crucial to embed learning and development in everyday processes that are constantly in use, as repetition helps to develop cognitive readiness. Rebecca McKeown also draws attention to professional burnout among people responsible for cyber security. Their frustration is the result of at least two causes. Firstly, they have to communicate with groups of people who do not understand the importance of security. Secondly, they face a constant battle with the CEO or CFO over the security budget. McKeown’s observations have been corroborated by the results of research conducted by the Ponemon Institute among SOC (Security Operations Center) personnel. Employees experience the most stress due to workload (75%), information overload (67%) and the chaos that exists in security centers (53%).

It’s not surprising that providers (e.g. Bitdefender with its Human Risk Analytics) look to new technologies for help, implementing mechanisms for analyzing user activity and identifying behavior that threatens the security of the organization. This type of assessment allows network administrators to detect high-risk individuals or systems, and take action to limit the threats to a minimum without having to impose restrictions on the whole environment. It could be that a high level of integration between services, the related sharing of collected data, as well as automated actions, will limit people’s thoughtlessness and thus help to significantly improve the security of end devices.

Text written by: Pawel Maczka, CTO at Storware