Information and data is power. Itโs why organisations are so desperate to keep their data safe and hackers are so intent on stealing it.
But it isnโt just about launching more attacks; cyber criminals are also getting smarter. Radwareโs latest Emergency Response Team (ERT) survey found that businesses that are not prepared to defend against the latest attack types are in danger of becoming victims of cyber criminals who target the valuable data that they hold.
Ransom attacks have increased. 49% of European businesses cited cyber-ransom as the top motivation behind attacks they suffered in 2016 โ an increase of almost 100% from the 25% recorded in 2015. Despite this, less than half of European businesses interviewed said they were well prepared to fight ransom attacks with a worrying 44% having no cyber security emergency response plan in place.
Although most businesses understand that the data they hold is a juicy target for cyber criminals โ especially cloud businesses that rely on their service providers to ensure adequate security is in place โ a large number appear to be unprepared to defend against these types of attacks.
So why is there a still such a disconnect between the level of the threat and organisationsโ preparedness to defend against it?
Itโs easy money
Although Internet of Things (IoT) botnet attacks, such as Mirai, took the headlines towards the end of 2016, the year should really be remembered for the flood of ransom attacks that hit businesses across the globe.
Ransom Denial of Service (RDoS) often involves a small-scale attack on a targetโs network to show that the threat is real, followed by a demand to pay up or suffer a much stronger attack.
This has proven to be a very beneficial technique for cyber criminals to make easy money. Some hacking groups have even made DDoS-for-ransom a profession, leveraging a set of network and application attacks. Their success quickly drew followers and copycats joining the ransom party.
Today, cloud based storage and the data contained within it are the primary target of cyber-attacks, rather than Internet pipe saturation or firewall exhaustion as had been the objective in the past. Cloud businesses that hold data such as personal identification, account credentials or even medical records are all at risk. The bottom line: cloud data is the new target.
Cyber security reaches tipping point
Cyber security attacks and attackers are nothing new. Yet, we are at a point in time where we are witnessing dramatic and frightening increases in attack frequency, complexity, size, etc. The hacking community has reached an ideal state in terms of:
- Availability of low cost resources
- Dramatic increase in high value, increasingly vulnerable targets putting more and more valuable information online
- A level of maturity where on top of hacking programs and anonymity they enjoy services such as hosting, security and can even leverage public cloud compute power.
Counting the cost
Although cyber-ransom attacks make it is easier to estimate the financial losses caused by an attack, most businesses (60%) are in the dark when it comes to understanding the actual losses associated with a cyber-attack. Those who do quantify the various aspects of the losses estimate the damage at nearly double the amount compared to those who have no measurable practice of estimation.
The cost issue is just one example of the growing gap between the defenders and offenders. While organisations battle budget, bureaucracy, and expertise โ hackers are much more agile in developing new attack tools and techniques.
The result of the two different cruising speeds is an ever-expanding chasm between the businesses and perpetrators. Will the gap ever shrink? Not in the near future. The answer, Iโm afraid, will only come after a few years when the majority of organisations will adopt security solutions based on machine learning, behavioural analysis and continuously adaptive models.
As the EMEA Cyber Security Evangelist for Radware, Pascal helps execute the company's thought leadership on today's security threat landscape. Pascal brings over two decades of experience in many aspects of Information Technology and holds a degree in Civil Engineering from the Free University of Brussels. As part of the Radware Security Research team Pascal develops and maintains the IoT honeypots and actively researches IoT malware. He discovered BrickerBot, provided the updated Hajime report and follows closely any development and new threats in the IoT landscape.ย ย Prior to Radware, Pascal worked with the largest EMEA cloud providers on their SDN and next gen data centre strategies as a consulting engineer for Juniper. As an independent consultant Pascal architected sensor networks, automated and developed PLC systems and lead security infrastructure and software auditing projects. At the start of his career he was a regular presenter at IBM conferences for Perl and Unix kernel development.