Is cybersecurity a big deal? | #itsecurity | #infosec

Cybersecurity is a never-ending battle. Improvements to the cybersecurity posture of individuals, firms, government agencies and the nation have considerable value in reducing the loss and damage that may be associated with cybersecurity breaches.

In July 2019, British Airways was penalised £183m for a data breach in which customers’ sensitive information was stolen.

On January 19, 2016, Ford Aerospace and Communications Corporation, an Austrian aerospace parts producer, was hit by cyber fraud, which resulted in a loss of $50m. The attacker had sent a hoax email to an employee that appeared to have come from the CEO, Walter Stephen. In the message, he was asked to transfer $47m to another account for a fake acquisition project. Not able to spot the true nature of the email, he complied.

In March 2022, the Ronin network, an Ethereum-linked sidechain that was created by Sky Mavis, experienced a major data breach that cost the company $600m in cryptocurrency.  According to Ronin, the attacker gained access to the network through a backdoor.

Businesses have gone to cyberspace, where one can connect with another digitally to bolster productivity, collaboration and resource-sharing. Networks are established in effect, thereby giving rise to cybercriminals, who perpetrate crimes in cyberspace through orchestrating attacks on these networks. They have made attacks on businesses from different fronts readily. The goal of these cybercriminals is to get hold of business data and use it to their advantage.

While businesses and services are expanding into cyberspace with minimum improvement in the traditional cybersecurity techniques, cybercriminals are revolutionising cyber-attacks with artificial intelligence. Cyber threats are getting novel by the day and leaving under-resourced security operations analysts to only catch up.

What are the most unarguable cybercrimes in 2022?  First is the ransomware attack. Ransomware is a major cybersecurity threat to small businesses; 85% of managed service providers consider it one of the biggest threats to their Server Message Block clients. Only 14% of small businesses consider their cyber-attack and risk mitigation ability as highly effective, whereas 45% of small businesses consider theirs not. In the event of a ransomware attack, 43% of SMBs do not have any cybersecurity plan in place and 52% of SMBs do not have any in-house IT security experts.

Trojan horse attack, also known as the backdoor opener, is the most popular type of malware. Trojan horse virus facts for 2018 and 2019 show that 49% of malware sent to small businesses was delivered via email. The most common malicious email disguises are bill invoices, email delivery failure notifications, package deliveries, legal/law enforcement messages or scanned documents. However, there are also trojans that could be installed on the target system remotely without the user noticing and without any interaction on the part of the targets. These kinds of trojans are called Remote Access Trojan. DanBot and Blackshades are examples of such trojans.   As a result, Trojan horse attacks pose one of the most serious threats to computer security.

Phishing is one of the world’s most dangerous cyber threats that is being faced by both organisations and individuals. According to the 2021 Verizon report, 35% of all data breaches in the world relate to phishing attacks.

Phishing is a form of social engineering where an attacker, also known as a phisher, acquires the personal and sensitive information of an individual or an organisation via email by disguising as a trustworthy entity in an electronic communication. According to the Tessian report, 96% of phishing attacks take place by email.

Cyber fraud is one of the most serious cybercrimes in the world. In the report by Bloomberg Law, it is estimated that digital ad fraud is increasing at an alarming rate; the ad industry loses approximately $51m per day due to ad fraud and by 2023 that number will skyrocket to $100bn annually.

Finally, the benefits of implementing and maintaining cybersecurity practices include protecting networks and data from unauthorised access; business protection against cyber-attacks and data breaches; improved confidence in the company’s reputation and trust for developers, partners, customers, stakeholders and employees; improved company credentials with the correct security controls in place.

  • Adeoye Abodunrin is the Executive Director of Xpos Technologies

Original Source link

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Leave a Reply

Your email address will not be published.

18 + = twenty one