2019 is in the past already. Let’s share a summary around a few selected points. We witnessed a year full of data breaches, from supply chain manipulations to ransomware attacks. So much so that a well-known news organization recently announced that cybersecurity was the biggest threat looming over the global economy.
The World Economic Forum placed cybersecurity toward the top of its latest list of global risks.
It’s barely surprising that cybersecurity professionals, media, and government agencies are sounding the alarm given the number of data breaches in 2019 and the growing sophistication of viruses.
Even though cybersecurity insurance spend is projected to increase to $14 billion by 2022, a whopping 68 percent of U.S. businesses have no liability coverage still. And in terms of technology, Gartner indicates that less than 20% of US companies with more than 5,000 employees have already invested in Endpoint Detection and Response (EDR) tools.
What’s frightening is that most experts are expecting 2020 to be worse. And their announcements are not linked to a playing style around so called catastrophism, but to neutral and scientific analyses of the results of outdated solutions against new threats. With technology driving innovation as well as threats in businesses, we will all need future-proof ways to tackle the most pressing cybersecurity challenges.
Before looking at a few ways how security experts can better safeguard their organizations in 2020, let’s look at some of the most shocking cybersecurity breaches that happened around the globe in 2019.
2019 was a banner year for ransomware attacks. Cybercriminals continued to target healthcare organizations, businesses, and more visibly, local governments with these offensive hacks. Ransomware attacks are inflicted by using malware programs to encrypt a system’s data and then demand a ransom in exchange for decrypting the system again- with no guarantee that an organization will have access back after paying the ransom, nor that the hackers would not come back.
In March, ransomware attacked the court system in rural Jackson County Georgia, which paid attackers a ransom of $400,000. Through June, three Florida municipalities were hit with a ransomware attack. Out of those, Lake City paid 42 bitcoins (equaling $500,000) and Riviera Beach paid 65 bitcoins (equaling $600,000).
Targeted ransomware attacks became the trend in 2019. As per Chubb’s October 2019 Cyber Infocus report, ransomware detections in the first half of 2019 rose at an alarming rate compared to the statistics in the latter half of 2018, which is extremely critical as Chubb had already noticed 84% increase in ransomware attacks from 2017 to 2018.
Not all data security incidents spring out of data breaches. Sometimes, companies fail to safeguard their data and make huge flaws in its storage and management. This is what happened with First American.
The real estate and title insurance firm had the sensitive financial records of over 885 million customers openly available for grabs over the internet. Brian Krebs, a security journalist, discovered the incident in May.
Which goes on to show that we are still a long way from being a responsible world where companies, their employees, and customers are all aware of the best practices of data security.
The Nuclear Power Corporation of India Limited (NPCIL) confirmed the cyberattack on the Kudankulam Nuclear Power Plant (KKNPP) in Tamil Nadu, India, in September. The nuclear power plant suffered a breach in its administrative network, but no critical damages.
A user had connected a malware-infected PC with the plant’s administrative network, which was first noticed by the CERT-In (Indian Computer Emergency Response Team). On VirusTotal, a virus scanning site owned by Alphabet technical proofs indicates that huge amount of data could had been stolen from the KKNPP’s admin network.
While if that’s true, the attack could have been an attempt to obtain more power on the ground to subsequently result in a physical attack. Researchers later identified the malware to be Dtrack, which was previously potentially linked with North Korea.
In another instance, Iranian hackers would have infiltrated networks at several Bahraini government agencies and critical infrastructure providers. The attack targeted Bahrain’s National Security Agency, the first deputy prime minister’s office, and the Ministry of Interior. Simultaneously, attackers shut down several systems within the Electricity and Water Authority.
In yet another attempt, Iran was revealed to have participated in a multi-year, global DNS hijacking campaign targeting internet infrastructure and telecommunications providers as well as government bodies across the Middle East, Europe, and North America.
Hacking attempts are launched every 39 seconds, with over half of them aimed at small businesses.
Attackers are now armed with unknown stealth weapons and global remote accessibility throughout the internet so that threats keep on getting bigger and more complex.
Whether you are a small-scale company or a global organization, you need more robust ways to guard your data and applications against cybercriminals.
Here are a few ways to do that when leading a modern IT enterprise:
● Leverage detection, prevention, response, and containment – You don’t need a raincheck here and there. To become more proactive in detecting and mitigating security risks, your business needs a fuller plan to holistically strategize the detection, prevention, response, and containment of security issues. Form a written hierarchical cybersecurity policy and aim to follow it. Add more solutions to your suite. Which brings us to…
● Modernize your cybersecurity solution stack just as you would your IT infrastructure – Antivirus solutions are good when you are only starting out a business. But, if you have something valuable you don’t want to lose, lookout for more sophisticated solutions that address the needs of the modern critical IT infrastructure today. As technology becomes more complicated within businesses, we need more complex and well-rounded cybersecurity solutions to maintain cybersecurity from inside as well as outside the enterprise.
● Employ a risk-based security approach – None of the businesses hit by ransomware attacks said they knew this was coming, and just didn’t think about doing something. All of them had one thing in common. They were unaware that the threat existed within their systems. To address this lack of awareness, organizations need to identify the risks that might be hovering above their heads. Then, they need to employ a risk-based approach after prioritizing risks that could harm their mission-critical data and applications.
No amount of spending on cyber defenses will guarantee you’re shielded against 100% of cyberattacks. But you can definitely shore up your defense systems to mitigate the risk.
In 2020, talk to us about cybersecurity, if you want to be ready to face the unpredictable. In February, meet us at the RSA Conference, booth #467, in San Francisco.
We wish you an excellent festive season and a very good start to the year 2020! Stay tuned.