Information and data is power. It’s why organisations are so desperate to keep their data safe and hackers are so intent on stealing it.
But it isn’t just about launching more attacks; cyber criminals are also getting smarter. Radware’s latest Emergency Response Team (ERT) survey found that businesses that are not prepared to defend against the latest attack types are in danger of becoming victims of cyber criminals who target the valuable data that they hold.
Ransom attacks have increased. 49% of European businesses cited cyber-ransom as the top motivation behind attacks they suffered in 2016 – an increase of almost 100% from the 25% recorded in 2015. Despite this, less than half of European businesses interviewed said they were well prepared to fight ransom attacks with a worrying 44% having no cyber security emergency response plan in place.
Although most businesses understand that the data they hold is a juicy target for cyber criminals – especially cloud businesses that rely on their service providers to ensure adequate security is in place – a large number appear to be unprepared to defend against these types of attacks.
So why is there a still such a disconnect between the level of the threat and organisations’ preparedness to defend against it?
It’s easy money
Although Internet of Things (IoT) botnet attacks, such as Mirai, took the headlines towards the end of 2016, the year should really be remembered for the flood of ransom attacks that hit businesses across the globe.
Ransom Denial of Service (RDoS) often involves a small-scale attack on a target’s network to show that the threat is real, followed by a demand to pay up or suffer a much stronger attack.
This has proven to be a very beneficial technique for cyber criminals to make easy money. Some hacking groups have even made DDoS-for-ransom a profession, leveraging a set of network and application attacks. Their success quickly drew followers and copycats joining the ransom party.
Today, cloud based storage and the data contained within it are the primary target of cyber-attacks, rather than Internet pipe saturation or firewall exhaustion as had been the objective in the past. Cloud businesses that hold data such as personal identification, account credentials or even medical records are all at risk. The bottom line: cloud data is the new target.
Cyber security reaches tipping point
Cyber security attacks and attackers are nothing new. Yet, we are at a point in time where we are witnessing dramatic and frightening increases in attack frequency, complexity, size, etc. The hacking community has reached an ideal state in terms of:
- Availability of low cost resources
- Dramatic increase in high value, increasingly vulnerable targets putting more and more valuable information online
- A level of maturity where on top of hacking programs and anonymity they enjoy services such as hosting, security and can even leverage public cloud compute power.
Counting the cost
Although cyber-ransom attacks make it is easier to estimate the financial losses caused by an attack, most businesses (60%) are in the dark when it comes to understanding the actual losses associated with a cyber-attack. Those who do quantify the various aspects of the losses estimate the damage at nearly double the amount compared to those who have no measurable practice of estimation.
The cost issue is just one example of the growing gap between the defenders and offenders. While organisations battle budget, bureaucracy, and expertise – hackers are much more agile in developing new attack tools and techniques.
The result of the two different cruising speeds is an ever-expanding chasm between the businesses and perpetrators. Will the gap ever shrink? Not in the near future. The answer, I’m afraid, will only come after a few years when the majority of organisations will adopt security solutions based on machine learning, behavioural analysis and continuously adaptive models.