With each passing year, hackers and cyber criminals of all kinds are becoming more sophisticated, malicious, and greedy conducting brazen and often destructive cyber-attacks that can severely disrupt a company’s business operations. And this is a big problem, because, first and foremost, customers rely on a company’s ability to deliver services or products in a timely manner. Cyber-attacks not only can affect customers’ data, but they can impact service delivery.
Companies affected by cyber incidents
In one of the recent incidents the UK’s discount retailer The Works has been forced to temporarily shut down some of its stores after a ransomware attack. While the tech team quickly shut down the company’s computers after being alerted to the security breach by the firewall system, the attack caused disruption to deliveries and store functionality including till operations.
A cybersecurity incident can greatly affect a business due to the consequences associated with cyber-attacks like potential lawsuits, hefty fines and damage payments, insurance rate hikes, criminal investigations and bad publicity. For example, shares of Okta, a major provider of authentication services, fell 9% after the company revealed it was a victim of a major supply chain incident via an attack on a third-party contactor’s laptop, which affected some of its customers.
Another glaring example is a 2021 cyber-attack launched by the Russian-speaking ransomware gang called DarkSide against the operator of one of the US’ largest fuel pipelines Colonial Pipeline, which crippled fuel delivery across the Southeastern United States impacting lives of millions due to supply shortages. Colonial paid the DarkSide hackers a $4.4 million ransom soon after the incident. The attackers also stole nearly 100GB of data from Colonial Pipeline and threatened to leak it if the ransom wasn’t paid. It’s also worth noting that the company is now facing a nearly $1 million penalty for failure “to plan and prepare for a manual restart and shutdown operation, which contributed to the national impacts after the cyber-attack.”
The cost of data breaches
Data breaches and costs associated with them have been on the rise for the past few years, but, according to a 2021 report, the average cost per breach increased from $3.86 million in 2020 to $4.24 million in 2021. The report also identified four categories contributing most global data breach costs – Lost business cost (38%), Detection and escalation (29%), Post breach response (27%), and Notification (6%).
Ransomware attacks cost an average of $4.62 million (the cost of a ransom is not included), and destructive wiper-style attacks cost an average of $4.69 million, the report said.
For a business, a data breach is not just a loss of data, it can also have a long-lasting impact on operations and undermine customers’ trust in the company. In fact, a survey revealed that 87% of consumers are willing to take their business elsewhere if they don’t trust a company is handling their data responsibly. Therefore, the reputational damage might be detrimental to a business’ ability to attract new customers.
Data leaks and stolen credentials
Cyber incidents involving data leaks also mean that a company’s business operations may be heavily disrupted while it attempts to contain the breach. Furthermore, in most cases hackers will not use the stolen data themselves, but rather sell the info on the Dark Web marketplaces that specialize on trading illicit goods ranging from drugs and weapons to malware, hacking services, and stolen data like personally identifiable information (PII), login credentials, financial data, etc.
A study of the quality and quantity of stolen credentials accessible on the Dark Web from Fortune 500 companies found over 21 million credentials belonging to the mentioned firms, 95% of which contained unencrypted, or brute forced and cracked by the attackers, plaintext passwords. The analysis showed that the most popular sources of exposed breaches were third parties, trusted third parties, and the companies themselves.
This is a serious problem for modern organizations because many suppliers and trusted third parties with privileged access to their data get silently hacked, and once exposed on the underground marketplace, widely open the door to their crown jewels. Worse, such attacks are virtually impossible to timely detect given that no intrusion happens directly.
How to prevent stealth mode attacks
Unfortunately, many large organizations, including Western multinationals and even governments, are susceptible to the same risks of tremendous data breaches. Very few sophisticated attacks expose stolen data or otherwise give indicators that a breach has occurred. Cybercriminals are specially paid to meticulously cover their intrusions and conduct the attacks in a stealth mode. Gigabytes of intellectual property, PII and financial data are stolen every day without being noticed, and then discreetly used by cybercriminals and their “clients”.
However, to prevent such incidents organizations can take a proactive approach to data protection that involves using Dark Web monitoring services and data breach monitoring tools that help to identify security vulnerabilities that can lead to data breaches.
Hackers, cyber thieves or other malicious actors have become quite proficient at exploiting weaknesses in an organization’s computer network either through hacking methods, or social engineering techniques. There are several types of cyber-attacks that can interrupt a company’s normal business activities, such as malicious code planted by hackers on a victims’ website rendering it unusable, Distributed Denial of Service (DDoS) attacks that cripple websites making them inaccessible, or attacks leveraging malicious software that wipes out critical data on a company’s hard drives and other hardware.
Beware DDoS
For some organizations, like financial or technology companies, DDoS attacks can affect thousands of customers leading to significant financial costs. For example, last year, Bandwidth, a cloud communications software company, reported losses of between $9 and $12 million due to a DDoS attack.
According to recent statistics, over 5.4 million DDoS attacks were reported in the first half of 2021, an 11% increase compared to 2020. On average, a DDoS attack costs a company between $20,000 – $40,000 per hour, and the attack can last anywhere from a few hours to several days.
All that said, organizations must pay as much attention to their cyber defence as they do to business activities. Cyber risks for organizations and private companies will remain long into 2022, so it is crucial for them to ensure that their cyber security programs are effective against ever-evolving cyber threats, because a cyber-attack can be ruinous for a business if a business is not sufficiently prepared.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.