Cyberthreats Becoming More Relentless and Destructive

Expect the onslaught of cyberattacks to worsen as launching them becomes cheaper and easier.

“Anybody can now do cybercrime,” says Raj Samani, chief scientist and fellow at computer security software maker McAfee. “The technical skills required to be a cybercriminal are the lowest it has ever been.” Hackers can easily find out how to launch an attack with a simple Google search. They can also pay for certain attacks by the hour.

At the same time, attacks are increasingly sophisticated and hard to detect. Hackers are turning to artificial intelligence software for more destructive digital weapons. And they are using encryption software to mask their traces.

Major cybersecurity companies report a surge in all sorts of raids. Email attacks are rampant against all types of workers. Social media scams, stemming from sites such as LinkedIn, are becoming more common. Insider threats are still hard to stop, such as when a disgruntled employee brings in a USB stick to install malicious software or steal data.

It’s no surprise that cybercrime is costing companies more. The average cost of a data breach for a U.S. company is $8 million dollars, according to a report by IBM Security and the Ponemon Institute. The report examined 500 companies of varying size and found that the average time to detect a breach is about 200 days, leaving a huge gap where criminals can steal info and inflict harm.

A relatively new type of intrusion has exploded in prevalence: Hackers stealing computing resources to mine bitcoin and other digital currencies. Cryptocurrencies require huge amounts of computing resources to mine—the process of compiling transactions in a web of complex math computations. It’s so resource-intensive and expensive that criminals are willing to steal, or cryptojack, someone else’s computer horsepower.

“Compared with well-established cybercrime activities such as data theft and ransomware, cryptojacking is simpler, more straightforward and less risky,” according to a McAfee Labs Threats Report from June 2018. Criminals don’t need to coax an executive into paying a ransom. The stolen computer horsepower can be a significant cost, says McAfee’s Samani.

Hackers are also hijacking connected devices to bombard a website or app with web traffic until it’s forced offline more frequently. The rise of these cyberraids, known as distributed denial-of-service attacks, or DDoS, stems from a surge in cheap internet bandwidth and an explosion in internet-connected devices. Hackers can take control of a swarm of unsecured connected devices to blitz an IP address with traffic.

Weaponizing bandwidth can wreak havoc on businesses during critical times. Consider an online seller darkened during prime holiday season, for instance. These intrusions can also serve as a devastating distraction. While the IT team scrambles to get the site back online, hackers sneak into another part of the network.

One growing fear is large scale DDoS attacks “taking large portions of the internet offline,” says James Willett, vice president of technology at Neustar, a technology company that offers defensive software. Firms can erect firewalls to detect and fend off fraudulent web traffic. Companies can also check with web providers or cloud servicers to see what defenses are built in.

The type of attack varies by industry, according to Verizon’s 2018 Data Breach Investigations Report. Companies should take that into account as they shore up digital defenses. Some trends are intuitive. For instance, hoteliers are frequent targets of point-of-sale raids, which attack store payment terminals, but the education and health care sectors are seldomly hit. Schools and doctors don’t use cash registers that often.

Other industry trends are less obvious. Denial of service attacks are common in education and financial services, but much less common in hospitality and health care. Privilege misuse, where an employee shares data or breaches company IT policy in some way, is a dramatic problem in public organizations. Consider a disgruntled government employee sharing sensitive info with people who aren’t approved to see it. And the manufacturing sector is a ripe target for state-affiliated hackers looking to swipe valuable intellectual property.

The threat of cyberattacks “doesn’t hit home for a lot of small- and medium-sized business owners until it’s too late and they’ve lost everything,” says Bonnie Moss, the executive director of SMB iSAO, a cyber info sharing and analysis organization whose membership includes auto body shops, retailers and nonprofits. The group offers a monthly newsletter, threat alerts, legal advice, updates from standards organization and more. It costs $20 per month. “It’s threat intelligence that people can trust,” says Moss. To find more organizations visit https://www.isao.org/information-sharing-groups/.

Tried-and-true cybersecurity advice still holds, security experts note. Besides keeping tabs on the latest cyberthreats, companies can beef up security by keeping all software up-to-date, backing up data regularly and creating strong login processes.