2019's Top Cyber Risks: Finding solutions in vulnerability
Fourteen seconds. That was the prediction in 2017 on how often a business would endure a cyberattack by 2019. By October 2019, however, the actual figure was much worse. Every ten seconds, cyber thieves are trying to gain access into a business’s systems.
If 2019 proved anything, it was that hackers are becoming much more cunning in both their methods and their targets. The amount of money lost to cybercrime in 2019 - $2 trillion. By 2024, losses are expected to top $5 trillion.
That number could increase, particularly since cybercriminals frequently change how they attack. For companies trying to stay ahead of hackers, it becomes a struggle to eliminate one vulnerability as another is evolving.
Yet often, the method by which hackers breach systems is a common one. In fact, phishing via email or social media continues to top the list of how hackers are getting in. Phishing attacks make up 90 percent of data breaches, and phishing attempts have increased 65 percent in just the last year (2018-2019).
The problems are only increasing. In 2018, reports of credential compromise increased 70 percent over 2017, a 280-percent increase from 2016.
Still, knowing how hackers are getting in – and who they’re targeting – can go a long way to putting preventative measures in place. Let’s consider the three key trends in cybercrime that have dominated the conversation in 2019.
In 2019, ransomware grew in scope and frequency, signaling that this is the preferred method of attack for many cybercriminals. Ransomware attacks are growing at a rate of 350 percent each year. The reason – these attacks are easier for hackers to deploy and net higher payouts. They simply access the system, lock out users, and demand ransom to restore systems and files.
Yet even this method continues to evolve. Hackers, looking for the ultimate payout for their efforts, are now targeting companies that house their data or online access of multiple organizations. Vendors that are being used by many companies are a prime target as hacking into one system could net them access to hundreds or even thousands of customer systems such as a payment processor.
By all accounts, ransomware is expected to continue its exponential growth as a preferred method for cybercriminals. The top causes of ransomware to date are careless employees (51 percent), ineffective antivirus protection (45 percent), and outdated or unpatched software or security (26 percent).
Fortunately, these causes can be addressed effectively by most companies. Training employees on how to spot and handle fraudulent emails or phone calls requesting proprietary information can reduce significantly the risk of employee error. A clear process for reporting suspected activity should be part of a company’s overall risk reduction strategy.
Likewise, IT departments should be conducting regular updates of all software and security applications, as well as ensuring that current antivirus programs are able to respond to new threats as they emerge.