Protecting sensitive data in the 'golden age' of cybercrime
Like it or not, the global cybercrime industry has grown at a prolific rate over the last decade, making it harder than ever for organizations to keep sensitive data safe. To put the size of the issue into perspective, a recent IDC report found that around 50 percent of organizations have suffered unrecoverable data loss in the last three years. What’s more, the data also demonstrated how the pandemic turbocharged the issue, with attacks surging by an eye-watering 238 percent between February and April 2020. Simply put, the world seems to be in an extremely worrying 'golden age' of cybercrime at the moment.
As every business knows, a successful cyber-attack can have a devastating effect, potentially costing huge amounts of time and money to resolve, as well as inflicting major reputational damage, should sensitive information be taken or lost. In some cases, the organizations involved never recover.
In order to avoid becoming the next cyber-attack victim, business leaders and security teams need to stay one step ahead of the perpetrators. One of the best ways to do so is by keeping up with the latest cybersecurity trends, including the most prevalent or popular types of attacks, what to look out for, and how best to defend against them. While it’s impossible to be 100 percent 'cyber-proof' against attacks, developing a thorough knowledge of the dangers faced enables organizations to implement robust protection strategies that reduce the chances of being targeted, or in the event of an attack, minimize the damage/disruption caused.
Below are five examples of cyber-attack methods currently proving popular amongst cyber threat actors:
- Double-extortion ransomware
Among the trending types of attacks, such as Distributed Denial-of-Service (DDoS) and SQL injections, one particularly devastating example is the double-extortion ransomware attack. It starts out as a traditional ransomware cyber-attack, but rather than simply encrypting data and demanding a ransom, the attackers threaten to leak or dispose of critical data. With data arguably an organization’s most critical asset in modern business, this type of threat can quickly bring a victim to its knees.
- Insider threats
Insider threats take many forms, ranging from current or former employees to contractors or even partners. They could be malicious, stealing information for personal use or sabotaging data or systems before leaving the organization, or they could be unwittingly complicit by falling foul of phishing attacks. What makes insider threats so dangerous is their position inside the organization, which gives them legitimate access to sensitive company information.
The continual rise in digital transformation, BYOD, and remote working over the last few years is only making it harder to identify and mitigate such threats. In fact, according to the 2022 Cost of Insider Threats: Global Report, insider threat incidents have risen 44 percent over the past two years alone.
- Credential stuffing
The use of employee IT credentials (i.e., usernames and passwords) has been commonplace for many years. While employees are usually discouraged from re-using the same passwords across multiple apps and websites, many organizations have become complacent in enforcing such rules, particularly since the explosion of remote working caused by the pandemic. Taking advantage of this, credential reuse or 'stuffing' is when cybercriminals gain access to a set of valid credentials (usually via a data breach) and then use bots to try those same credentials across hundreds of other online accounts. If the credentials have been re-used anywhere, credential stuffing will expose this, giving those same criminals legitimate access to other accounts as well. A recent report by Akamai found that 193 billion credential stuffing attacks took place globally in 2020. This was largely a result of the huge shift to remote working, the growing reliance on e-commerce, and the mass creation of new online accounts, all of which created opportunities for hackers to compromise data security.
- Phishing attacks
Phishing emails are the biggest vehicle for ransomware attacks. Years ago, these spoofed emails were easy to detect, but since cybercriminals have become more skilled at imitating the look and feel of genuine emails, they are becoming increasingly successful. The UK National Cyber Security Centre co-developed the Suspicious Email Reporting Service with the City of London Police in 2020 and has since removed over 80,000 scams from the Internet.
- Man-in-the-middle attacks (MiTM)
TechTarget defines MiTM attacks as: "A type of cyber-attack in which the perpetrator secretly intercepts and relays messages between two parties who believe they are communicating directly with each other". Prevention methods such as multi-factor authentication and continual monitoring are more effective than trying to remediate after an attack, and traditional security appliances don’t easily detect these attacks.
The role of continuous data protection in modern cyber-security strategies
Unfortunately for CIOs, CISOs, and business leaders everywhere, the very nature of cybercrime means threat actors will always have the element of surprise on their side. With this in mind, it’s critical that data protection strategies put in place are both comprehensive and proactive, in order to keep data as protected as possible. For this reason, a growing number of organizations are turning to continuous data protection (CDP) in order to ensure their data is always secure.
The strength of CDP lies in its always-on replication and journaling technology, which means every single change that’s made to an application is backed up in near real-time. Consequently, in the event of a security incident, a CDP solution can be used to recover an organization’s entire site and applications within just a few minutes, with no downtime.
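To show why journaling every change allows recovery to a point just before an incident, here is a toy write journal with replay. It is an added example, not part of the original article and not any CDP product's implementation; `ChangeJournal`, the `"ENCRYPTED"` marker used as a detection hook, and the sample writes are hypothetical and constructed for illustration.

```python
class ChangeJournal:
    """Toy journal: a baseline replica plus every later write, in order."""

    def __init__(self, baseline):
        self.baseline = dict(baseline)   # last full replica
        self.entries = []                # (timestamp_s, path, content or None)

    def record(self, ts, path, content):
        self.entries.append((ts, path, content))

    def recover(self, n_entries):
        """Replay the first n_entries journaled writes over the baseline."""
        state = dict(self.baseline)
        for _, path, content in self.entries[:n_entries]:
            if content is None:
                state.pop(path, None)    # journaled delete
            else:
                state[path] = content
        return state

def first_suspicious(journal, looks_malicious):
    """Index of the first write flagged by the detection hook, else len(entries)."""
    for i, (_, path, content) in enumerate(journal.entries):
        if looks_malicious(path, content):
            return i
    return len(journal.entries)

def build_sample_journal():
    """Constructed timeline: three legitimate writes, then three encrypting writes."""
    j = ChangeJournal({"invoice.docx": "v1", "ledger.xlsx": "v1"})  # midnight replica
    j.record(3600, "ledger.xlsx", "v2")
    j.record(7200, "invoice.docx", "v2")
    j.record(7260, "report.pdf", "v1")
    for ts, path in [(7300, "invoice.docx"), (7301, "ledger.xlsx"), (7302, "report.pdf")]:
        j.record(ts, path, "ENCRYPTED")  # stand-in for ransomware overwrites
    return j

def recover_before_incident(journal):
    """Roll back to the last journal entry before the first flagged write."""
    cut = first_suspicious(journal, lambda path, content: content == "ENCRYPTED")
    return journal.recover(cut)

if __name__ == "__main__":
    j = build_sample_journal()
    print("journal recovery :", recover_before_incident(j))
    print("nightly snapshot :", j.recover(0))
```

Restoring only the midnight replica would lose all three legitimate changes made that day, while replaying the journal up to the cut point keeps them.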
As cybercrime continues to grow at an exponential rate, it is sadly not a case of 'if' organizations get targeted, but 'when'. For those who are serious about data protection, it’s critical that robust strategies are put in place to not only act as deterrents to threat actors, but also enable rapid recovery and business continuity in the event of an attack. Doing so could mean the difference between minor disruption and fatal financial or reputational damage.
Christopher Rogers is Technology Evangelist at Zerto.