Cyber Crime Threats

cyber crime threats - Cybergate your cyber security partner

Cyber Crime Threats

Cyber crime is the greatest threat to every company in the world… Why?

Is cyber crime the worst threat to businesses today? The vast majority of business leaders agree that cyber crime is a top threat to any organisation as it can have devastating results in the form of disturbance of operations, loss of credibility and reputational damage and post-attack disruptions to the normal course of business.

GARTNER (2021) estimates a per annum spend of $124bn on Cyber Security and Risk Management Worldwide.

Internet crime is on the increase and a recent study by University of Maryland found that black hat hackers attack every 39 seconds. In the USA alone, the FBI has lately reported a staggering increase of 300% in cyber crimes since the beginning of COVID-19 pandemic. One of UK’s top tier insurance companies estimates that cyber attacks cost businesses anything between $400bn and $500bn a year, in direct and indirect damages. A cyber attack can disable an organisation, a cluster of businesses, a city or even an entire country. The dark web is where these cyber criminals deal malware, exploit kits and sell their black hat services.

In this blog article we take a look at the why and how cyber crime is a huge threat to any business globally.

Cyber attack surface

Technology and data nowadays are one of the most important resources in any organisation. Businesses can build a competitive advantage based on the latter. IT, data and the Internet transformed and still are, the way businesses conduct their business and operate. It is inevitable to say that cyber crime is then a great threat to every industry, every profession and every business from a micro startup to a global conglomerate. Globally there will be 200 zettabytes of data by 2025. This includes private and public data on the cloud, in data centres and on personal computers, tablets and smartphones.

Technology advancements, such as in IOT, will increase connectivity between various peripherals. Employees are increasingly working from home, thus generating, accessing and sharing more data remotely through cloud apps. Think Apple, Facebook, Google – the total amount of data keeps on increasing and the number of networked or connected devices will keep on growing. Private, Hybrid and Public clouds seem to be the natural storage mechanic going forward.

Both personal and businesses have increased their surface exponentially over the last decade and this created a much wider surface for hackers to attempt attacks to steal data or halt operations in view of asking for ransom payments.

It is estimated that approximately 1 million more people join the Internet on a daily basis. By end of next year it is expected that 6 billion people will be connected to the Internet iterating with data. We’ve seen Cyber threats evolve from a simple hack of a WordPress website to harm inflicted to railways, planes, power grids and anything in between.

Industrial Espionage

Data is a critical building block of today’s digitalised economy. As opportunities for innovation boom, malice around it also increases. Hackers exploit vulnerabilities, weaknesses and holes in systems to access confidential information. These confidential data sets (ex. customer data, employee data, transactions) are in turn sold on the dark web for substantial amounts, which amounts are usually paid using crypto currencies.

Data breaches can lead to fines by regulators (in case of regulated businesses such as Forex, Banks and Insurance companies), loss of licenses, legal cases by stakeholders and reputational damage due to loss, theft, unauthorised access or acquisition of data. Such attacks instill fear in an organisation’s workforce and generate substantial adverse media which is expensive in terms of effort and funds to mitigate and control.

A good number of hacking attacks and data breaches go unreported (mostly by unregulated private sector businesses) to avoid negative sentiment around their brand(s), which can lead to downward shifts in company valuation, lower turnover, lack of attractiveness when trying to recruit new employees, and challenges to acquire and retain customers. A cyber security strategy needs to be drafted and implemented and cybersecurity needs to be embedded in the organisation’s culture – it is not simply the responsibility of the CTO!

Cyber Threats: Ransomware, Phishing and more

Cyber threats come in various forms, and hackers are becoming more sophisticated in their approach with toolsets assisted by Artificial Intelligence, in some instances. Attacks cannot be predicted and the best practice is to always be ready for such an event.

Ransomware, which is malware that infects devices ranging from computers to smartphones, and email phishing reached epidemic proportions worldwide over the past 12-months, as the go-to method of attack by black hat hackers.

What can businesses do to protect themselves?

With all this doom and gloom, businesses do not have a crystal ball to know when they will be attacked and no magic wand to protect their digital assets against malicious attacks. A plan is to be in place, with clear responsibilities set out and a layered approach to cover all digital components in your company.

Policies are to be enacted and enforced throughout all the organisation and its (internal and external) stakeholders. Secure all endpoints, harden systems and servers, educate all employees and keep an up-to-date email filtering solution. Appoint an external (and independent) cyber security firm to assist the business in areas such as cloud security assessments, physical and application penetration testing, overall risk and vulnerability assessments and cyber awareness training.

Learn more about our lines of expertise. Get in touch with us today!

    We are here to help

    francesco mifsud cybergate your cyber security partner
    Francesco Mifsud
    [email protected]

    I live and breathe cyber security and everything else in the discipline. With around a decade of experience in the industry I have had the opportunity to develop skills in penetration testing, cloud security, reverse engineering & exploit development, application security engineering, management and organisation-wide cyber security strategy. I hold a well-rounded set of security certifications such as OSCP, eWPTX and CISSP and have delivered training & workshops at some of the most prestigious hacking conferences such as DEF CON, BRU CON, BSides London and BSides Manchester.