Can cloud businesses escape the digital highwaymen?

Information and data is power. It’s why organisations are so desperate to keep their data safe and hackers are so intent on stealing it.

But it isn’t just about launching more attacks; cyber criminals are also getting smarter. Radware’s latest Emergency Response Team (ERT) survey found that businesses that are not prepared to defend against the latest attack types are in danger of becoming victims of cyber criminals who target the valuable data that they hold.

Ransom attacks have increased. 49% of European businesses cited cyber-ransom as the top motivation behind attacks they suffered in 2016 – an increase of almost 100% from the 25% recorded in 2015. Despite this, less than half of European businesses interviewed said they were well prepared to fight ransom attacks with a worrying 44% having no cyber security emergency response plan in place.

Although most businesses understand that the data they hold is a juicy target for cyber criminals – especially cloud businesses that rely on their service providers to ensure adequate security is in place – a large number appear to be unprepared to defend against these types of attacks.

So why is there a still such a disconnect between the level of the threat and organisations’ preparedness to defend against it?

It’s easy money

Although Internet of Things (IoT) botnet attacks, such as Mirai, took the headlines towards the end of 2016, the year should really be remembered for the flood of ransom attacks that hit businesses across the globe.

Ransom Denial of Service (RDoS) often involves a small-scale attack on a target’s network to show that the threat is real, followed by a demand to pay up or suffer a much stronger attack.

This has proven to be a very beneficial technique for cyber criminals to make easy money. Some hacking groups have even made DDoS-for-ransom a profession, leveraging a set of network and application attacks. Their success quickly drew followers and copycats joining the ransom party.

Today, cloud based storage and the data contained within it are the primary target of cyber-attacks, rather than Internet pipe saturation or firewall exhaustion as had been the objective in the past. Cloud businesses that hold data such as personal identification, account credentials or even medical records are all at risk. The bottom line: cloud data is the new target.

Cyber security reaches tipping point

Cyber security attacks and attackers are nothing new. Yet, we are at a point in time where we are witnessing dramatic and frightening increases in attack frequency, complexity, size, etc. The hacking community has reached an ideal state in terms of:

  • Availability of low cost resources
  • Dramatic increase in high value, increasingly vulnerable targets putting more and more valuable information online
  • A level of maturity where on top of hacking programs and anonymity they enjoy services such as hosting, security and can even leverage public cloud compute power.

Counting the cost

Although cyber-ransom attacks make it is easier to estimate the financial losses caused by an attack, most businesses (60%) are in the dark when it comes to understanding the actual losses associated with a cyber-attack. Those who do quantify the various aspects of the losses estimate the damage at nearly double the amount compared to those who have no measurable practice of estimation.

The cost issue is just one example of the growing gap between the defenders and offenders. While organisations battle budget, bureaucracy, and expertise – hackers are much more agile in developing new attack tools and techniques.

The result of the two different cruising speeds is an ever-expanding chasm between the businesses and perpetrators. Will the gap ever shrink? Not in the near future. The answer, I’m afraid, will only come after a few years when the majority of organisations will adopt security solutions based on machine learning, behavioural analysis and continuously adaptive models.

 

+ posts

Newsletter

Related articles

Don’t lose sight of SAP on Cloud operational excellence

Digital transformation projects can often become complex with twists and turns, which can lead organisations to focus solely on the migration itself.

Need to reduce software TCO? Focus on people

Investing in software is undoubtedly important for enterprises to stay ahead. However, the process is rarely a simple task for CIOs and IT leaders.

The future of cloud and edge optimisation

As more enterprises use multi-cloud and hybrid infrastructures, the danger of cost overruns and loss of control increases.

Here is how to stage a public cloud migration

As the relationships between CSPs and cloud providers are deepening, CSPs need to develop a clear strategy on how they add value to customer relationships.

The future of work is collaborative

As hybrid work models continue to gain traction, businesses will need to start implementing collaborative tools and processes to meet the needs and expectations of the upcoming workforce, seamlessly integrating them into existing workflows to enhance productivity and performance. Innovations in technology, including AI and machine learning, mean that organisations are in a better position than ever to shape the collaborative future of work – and with the right support in place, they can ensure that these digital tools continue to bring out the best in their workforce for years to come.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Subscribe to our Newsletter