Cyberattacks are on the rise and we are (not) ready for it

These days, we are used to seeing news about new big data breaches, cyberattacks and other hacker activities. Instead of this motivating companies to improve their security, it seems to have just made them numb to the topic. Considering the latest news and data around this topic, that might be quite a serious mistake!

There are a lot of reasons why this happens; mostly it’s because companies underestimate the dangers of hacker attacks. Since it’s not a physical thing you can see –  many organizations don’t fully realize the scale and repercussions a cyberattack can have. Not until it’s way too late and they are already victims to one. Sure, a lot of companies will tell you that they know about the risks and have security in mind. Statistics, though, tell us a different story.

More and more

Neterra’s own data shows a dramatic increase in cyberattacks in 2021. The company’s systems have stopped 5.5 times more DDoS attacks in the first nine months of 2021 compared to the same period the year before. This shows an increase of 454%. The company’s DDoS monitoring system has prevented a total of 873 407 DDoS attacks for the period. By contrast, from January 2020 to September 2020, the system prevented 157 474 attacks.

Naturally, some industries are more targeted than others. Neterra’s data shows that DDoS attacks against financial institutions and organizations were up by 551%. Two of those institutions, which use Nettera’s services, were targeted by a whopping 19 229 DDoS attacks.

Usually, DDoS attacks are known to be a way for disrupting the accessibility and usability of a service or a platform. By flooding the servers with massive traffic volumes from botnets, the servers are overwhelmed and either crash, or severely limit their functions. Thus, regular users can’t access them.

Very often though, there’s a lot more to a DDoS attack than disruption. In more than 50% of cases, the goal of a DDoS attack is to aid, distract or hide the real goal – stealing data, intellectual property and money. Often hackers launch a separate attack while the DDoS attack is happening, so they can achieve their real goal. Or they launch the DDoS attack immediately after that, to buy time or even remain completely undetected.

Double or nothing

Then, there’s ransomware. In 2021 this became quite the nagging problem for a lot of organizations. A typical ransomware attack overtakes and encrypts many devices and data as it can. Then it demands the owners to pay (usually via a cryptocurrency) a ransom to get the decryption keys and receive their data back. Often the data is also stolen, and victims are threatened that it will be leaked, or sold if they don’t pay. And what’s worse, sometimes hackers do that anyway, even after receiving ransom. There’s also the risk that if you pay once, hackers will keep returning for more and with bigger demands.

In 2020 ransomware attacks changed a bit. They’re not as widespread as they used to be. Instead, they became much more targeted. And in 2021, it seems that hackers are taking what they learned and ramping up again. UK’s GCHQ recently announced that the number of ransomware attacks in the country has doubled this year. The reason: ransomware attacks remain “largely uncontested” and very profitable, the Guardian reports.

While GCHQ won’t give out specific details for security reasons, it does note that “criminals are making very good money” from these attacks. A lot of companies prefer to simply pay and minimize downtime. Meanwhile, the US Treasury announced in October 2021 that ransomware-related transactions in the US for the first half of the year were around $590 million. The top 10 hacking groups believed to be doing such attacks have gained $5.2 billion worth of bitcoin over the past three years.

Meanwhile, the Identity Theft Resource Center (ITRC) announced that for the first three quarters of this year, the total number of publicly reported data breaches has already surpassed the entire total for 2020. As of that report, 2021 needs just a further 239 breaches to be reported to become the all-time leader for cybercrime. Quoted by Forbes, the ITRC says that the total number isn’t even the worrying information. It’s the fact that cyberattacks are becoming more systematic in their targeting.

Cyberattacks are changing

One of the best things about the IT industry is that it’s always developing and evolving at a very fast pace. Sadly, one of the negatives of this fact is that the same goes for cyberattacks. Hackers are always upping their game and constantly improving their tactics and abilities. Today cyberattacks which are almost a daily occurrence would have been top mainstream news 10 years ago. The sheer scale and abilities of the hackers has solidified their confidence, too. Now they attack every industry with specific attacks, developed to take advantage of niche weaknesses.

The 2021 Microsoft Digital Defense Report (MDDR) also confirms that cyberattacks are changing. The report is based on over 24 trillion daily security signals across Microsoft’s various services, including cloud, endpoints, intelligent edge. It also features input from more than 8500 security experts from 77 countries.

The report confirms a lot of the information we already discussed. Like the double extortion of ransomware victims – having to pay for both to get their data back and for the hackers not to publish it.

Another hacker favorite remains to be via email, specifically phishing. These attacks doubled in 2020 and the trend continued during the first half of 2021 which is covered by the report. Hackers have developed a vast arsenal of malicious email techniques which span the entire process of collecting victims’ emails, choosing proper lures, sender infrastructure, email development (spoofing, encoding and so on), attached files, links, call to actions and a lot more. Attackers mix-and-match various methods depending on their victims’ profile, the attack goals and other criteria. Basically, all of this can be a very long, complex campaign which requires a lot of thought, effort and resources, including financial.

The Microsoft report notes that malware also evolves. Hackers use viruses for an increasingly large range of goals. Most of the methods here are similar, time-tested and proven, but further modernized and adapted. This leads to some newer tactics like fileless malware for example, or viruses which employ evasive behavior and change and adapt their actions to remain undetected for as long as possible. Inject such malware into the networks of a trusted name and you have quite the challenge on your hands.

So, what to do?

This is the question all companies ask and usually it’s also the reason why they then neglect taking action. For companies that aren’t in the IT industry, cybersecurity can seem a very distant and complex topic that they prefer to avoid. Others think they are in an industry which isn’t drawing much attention, so they will remain under the radar.

Some do indeed invest in cybersecurity, but due to a lack of knowledge and/or funds they choose very basic measures or ones that aren’t really suitable for their needs. This can be even more dangerous, as it creates a false sense of security. The organization expects that the data is safe thus the employees could become more lenient with their actions. Eventually though, hackers can come across the company and for them it will be a walk in the park to breach it.

In fact, research shows that only 5% of company data is properly protected. Add the huge increase in cyberattacks and this can end very badly for a lot of organizations around the world. This is why it’s so important for companies from all industries and sizes need to pay attention to their cybersecurity.

The first step would be to create and maintain awareness of this issue. Companies must make security a part of their daily routines and invest in better protection and employee trainings. This would create a solid foundation for the ongoing security improvements.

When you change your mindset, you will start looking for service providers who are also mindful of security. Neterra, for example, uses several DDoS protection solutions which are available to its clients, and when they are used, they become part of a unified system which gives them more data, including in real-time, which helps them stay on top of risks.

It is also important to change and improve company policies. When we grow up, we are thought that we shouldn’t copy others, whereas in reality, sometimes that’s the best action. It’s perfectly fine to follow the best practices. You will need to invest some time to research the information and find out what are they for your specific goals and needs. Then, simply explore how to implement them for your organization – and you can even use professional help to do so!

Keeping up to date with this will seem daunting at first, but be persistent! As you and your team gain experience, it will become a normal part of your everyday workflow. Teamwork is vital to achieve and maintain a high level of security and it’s even more important in the event of a breach and the recovery afterwards.

The good news is that people are becoming increasingly more aware of the need for better cybersecurity. A pool by the Pearson Institute from October 2021 shows that 9 in 10 Americans are at least ‘somewhat’ concerned about hacking attacks which involve their personal information, financial institutions, government agencies or utilities. Two-thirds are ‘very’ or ‘extremely’ concerned. This is crucial data which means that people are becoming more aware of the issue and would also be willing to take part into improving their overall security. The fewer weak links – the better.

So, don’t think that your team isn’t interested in securing their data and devices; they might be more interested than you expect. And if they are, then the entire process of improving the cybersecurity of your organization will be even easier and successful. However, if they aren’t, then you may need to spend some time and effort to educate them on the risks and show them that even simple security improvements like enabling two-factor authentication can have significant benefits. Basically, remember that the proper cybersecurity begins with the mindset not with the technology.

If you want to know more about DDoS attacks, you can read the following article as well:

DDoS attacks are on the rise and many companies aren’t ready for the onslaught