As the volume of cyberattacks escalates, cybersecurity is now on the radar of most companies. Yet despite all the attention to this problem, the risks continue to mount. In fact, 2020 broke all records regarding the number of cyberattacks on companies, governments, and individuals.[i] And an astounding 78% of senior IT and IT security leaders say their companies lack the needed protections against cyberattacks despite making increased IT security investments in 2020.[ii]
As more companies shift to a remote workforce, the migration of workloads off traditional networks is accelerating, expanding the potential cyberattack surface. At the same time, cyber attackers are becoming increasingly sophisticated, adjusting their methods as organizations become more adept at detecting and responding to cyberattacks. Many cyber criminals now embrace advanced techniques that make their activities difficult to detect, use automation to increase their success, and focus their attacks on businesses’ highest-value targets. And as the payback increases, cybercrime is expected to cost the world $10.5 trillion a year by 2025.[iii]
Six cybersecurity threats to watch for.
So what are some of the cybersecurity threats organizations face? While cyber criminals have devised numerous ways to compromise businesses, here are six cybersecurity threats every company should be on the lookout for:
- Ransomware: Ransomware is a form of malware in which the attacker encrypts an organization’s files and then demands a ransom payment to restore access to the data. This type of cybersecurity attack has been rising exponentially, with a new organization now falling victim to ransomware every 10 seconds.[iv] According to one survey, half of all businesses have experienced a ransomware attack within the past two years.[v] And with the average cost of a ransomware attack at $4 million,[vi] the impact can be devastating. Take the recent Colonial Pipeline ransomware attack, for example. The attack, which resulted from a single compromised VPN password, led to fuel shortages and long gas lines across the East Coast. The VPN account didn’t use multi-factor authentication, making it easy for the hackers to breach Colonial’s network.
- Phishing: Phishing scams are situations in which an attacker sends a person an email pretending to be from a legitimate individual or organization to trick the person into divulging confidential information, downloading malware, paying a fake invoice, or taking some other action that benefits the attacker. Phishing attacks account for more than 80% of all reported security incidents, with nearly $18,000 lost every minute to these types of attacks.[vii] And, unfortunately, phishing emails are becoming increasingly sophisticated as attackers find ways to make them look like legitimate emails from trusted co-workers, suppliers, and partners.
- Credential Stuffing: With credential stuffing, attackers obtain usernames and passwords leaked during data breaches to attempt logins at popular websites and services. Because the success rates are low, hackers typically use automation to “stuff” the website with numerous credentials until they find one that works. Once attackers find a winning username and password combination, they then use these credentials to make fraudulent e-commerce purchases or access credit card information, social security numbers, and other sensitive data. Credential stuffing relies on the fact that most people reuse the same password across multiple accounts—and these attacks are both common and costly. According to Ponemon Institute, businesses lose an average of $6 million per year to this form of cyberattack.[viii]
- DDoS Attacks: In a distributed denial-of-service attack (DDoS attack), the hacker tries to shut down a company’s systems by flooding its network or servers with Internet traffic to overwhelm it with requests for access. While this is one of the more rudimentary types of cyberattacks, it can be highly disruptive, shutting down a company’s website and other digital services for days and even weeks. A record-breaking 10 million DDoS attacks were launched in 2020, a 20% increase over the previous year.[ix] DDoS attacks have been made against companies across a wide range of industries including financial services, healthcare, communications, technology, and manufacturing—with one prominent DDoS attack taking down the New Zealand Stock Exchange.
- Supply Chain Attacks: These attacks attempt to compromise one organization in order to reach other companies within the same supply chain. By compromising the email account of a vendor, for example, cyber criminals can get the larger company to pay a fake invoice or transfer future invoices to a fraudulent bank account. Or by finding a way to compromise all the companies an organization supplies, hackers can disrupt the entire supply chain. A high-profile example is the Russian hack of SolarWinds IT management software undertaken to spy on hundreds of government agencies and securities firms. The hackers breached SolarWinds by inserting malicious code into software updates of the company’s network-monitoring tool, Orion. Customers who then installed an Orion patch had the Russian malware planted in their networks. Unfortunately, supply chain attacks are on the rise, with nearly 700 entities affected by this type of cyberattack in 2020.[x]
- Deep Fakes: Deep fakes are images, audio, and videos that use artificial intelligence to create fake events. While deep fakes are used to spread misinformation, they can also be used as cyberattacks. For example, a CEO of a UK subsidiary paid $243,000 into a Hungarian bank account after being phoned by someone who spoofed the voice of his boss at his German parent company.[xi] The cyber criminal who tricked the CEO appears to have used AI-based software to mimic the boss’ voice by phone. This emerging form of cyberattack is expected to grow over the coming years as deep fakes become more sophisticated and harder to detect.
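The credential stuffing pattern described in the list above (one source trying many different usernames, with a low success rate) leaves a recognizable trace in authentication logs. The following detection sketch is an added example, not part of the original article; the log format, thresholds and function names are assumptions, and the sample log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample auth events (timestamp, source IP, username, outcome); not real data.
SAMPLE_LOG = """\
2021-06-01T10:00:00 203.0.113.7 alice FAIL
2021-06-01T10:00:02 203.0.113.7 bob FAIL
2021-06-01T10:00:04 203.0.113.7 carol FAIL
2021-06-01T10:00:06 203.0.113.7 dave FAIL
2021-06-01T10:00:08 203.0.113.7 erin FAIL
2021-06-01T10:00:10 203.0.113.7 frank OK
2021-06-01T10:01:00 198.51.100.20 alice FAIL
2021-06-01T10:01:20 198.51.100.20 alice OK
2021-06-01T10:02:00 198.51.100.30 gina OK
2021-06-01T10:02:05 198.51.100.30 hal OK
2021-06-01T10:02:10 198.51.100.30 ivy OK
2021-06-01T10:02:15 198.51.100.30 jo OK
2021-06-01T10:02:20 198.51.100.30 kim OK
"""

def parse(log_text):
    """Parse the assumed 'timestamp ip user outcome' format into sorted tuples."""
    events = []
    for line in log_text.strip().splitlines():
        ts, ip, user, outcome = line.split()
        events.append((datetime.fromisoformat(ts), ip, user, outcome == "OK"))
    return sorted(events)

def detect_stuffing(events, window=timedelta(minutes=5), min_users=5, max_success=0.2):
    """Flag IPs that try many distinct usernames within a window with few successes."""
    by_ip = defaultdict(list)
    for ev in events:
        by_ip[ev[1]].append(ev)
    findings = {}
    for ip, evs in by_ip.items():
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:  # slide the window forward
                start += 1
            span = evs[start:end + 1]
            users = {user for _, _, user, _ in span}
            hits = {user for _, _, user, ok in span if ok}
            # Many usernames alone is not enough (shared NAT); require a low success rate.
            if len(users) >= min_users and len(hits) / len(span) <= max_success:
                f = findings.setdefault(ip, {"distinct_users": 0, "compromised": set()})
                f["distinct_users"] = max(f["distinct_users"], len(users))
                f["compromised"].update(hits)  # accounts to reset and review
    return findings

if __name__ == "__main__":
    print(detect_stuffing(parse(SAMPLE_LOG)))
```

The `compromised` set lists accounts whose password worked during a flagged burst; those are the first candidates for a forced reset and multi-factor enrollment.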
Defending against cyberattacks.
Defending an organization against cyberattacks is an ongoing effort that requires continual vigilance. Here are some tips to improve your preparedness:
- Evaluate your company’s attack surface and resilience to threats to determine where controls are needed the most.
- Take a centralized cybersecurity approach to ensure you have visibility across the entire organization.
- Make sure your cybersecurity posture includes ways to predict and prevent cyberattacks as well as ways to detect and respond to an attack should one occur.
- Enforce strong password policies that include frequent password changes and the use of complex passwords.
- Adopt multi-factor authentication to create multiple layers of password protection that combat the use of stolen credentials.
- Implement Privileged Access Management (PAM) tools to ensure privileged accounts don’t fall into the wrong hands.
- Use reliable phishing and spam filters for your organization’s email accounts.
- Provide mandatory cyber awareness training to all of your employees.
- Reduce your vulnerability by ensuring all operating systems, security software, applications, and tools are up-to-date.
- Develop a response plan that includes backing up IT systems and data to prevent a disruption in operations in the event of a cyberattack.
- Keep track of evolving risks and continually improve your cybersecurity response as new threats emerge.
Reducing your vulnerability.
For today’s organizations, it’s not a matter of “if” a cyberattack will occur, but “when.” As companies beef up their protection measures, cyber criminals continue to adapt their strategies, and new threats are emerging all the time. While companies can’t eliminate these threats altogether, with a strong cybersecurity posture and constant attention to evolving threats, they can reduce their vulnerability, sending cybercriminals elsewhere for an easier win.
With SailPoint Identity Security, you can transform manual processes into automated ones, shift your security approach from technology-centric to people-centric, and evolve static policies to be self-learning and adaptive.
[i] Forbes, “Alarming Cybersecurity Stats – What You Need to Know for 2021,” https://www.forbes.com/sites/chuckbrooks/2021/03/02/alarming-cybersecurity-stats-------what-you-need-to-know-for-2021/?sh=668e99e058d3
[iii] Cybercrime Magazine, “Cybercrime to Cost the World $10.5 Trillion by 2025,” https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
[iv] InfoSecurity Magazine, “One Ransomware Victim Every 10 Seconds in 2020,” https://www.infosecurity-magazine.com/news/one-ransomware-victim-every-10/
[v] Randori, “The Rising Cost of Ransomware – 2021 Report,” https://www.randori.com/2021-the-cost-of-ransomware/
[vi] Beta News, “The impact and cost of ransomware in 2020,” https://betanews.com/2020/10/09/ransomware-in-2020/#:~:text=The%20global%20cost%20of%20ransomware,t%20get%20their%20data%20back.
[vii] CSO, “Top cybersecurity facts, figures and statistics,” https://www.csoonline.com/article/3153707/top-cybersecurity-facts-figures-and-statistics.html
[viii] Ponemon Institute, “The Cost of Credential Stuffing,” https://library.idgcommunications.net/idgcampaigns/documents/uploaded_data/d40/97b/1c-/original/the-cost-of-credential-stuffing_EN.pdf?1526474825
[ix] Netscout, “Netscout Threat Intelligence Report,” https://www.netscout.com/threatreport
[x] SecureWorld, “More than SolarWinds: Supply Chain Attacks Increasing,” https://www.secureworldexpo.com/industry-news/supply-chain-attacks-increasing
[xi] Wall Street Journal, “Fraudsters Use AI to Mimic CEO’s Voice in Unusual Cybercrime Case,” https://www.wsj.com/articles/fraudsters-use-ai-to-mimic-ceos-voice-in-unusual-cybercrime-case-11567157402