Sarasota, FL (WorkersCompensation.com) – Businesses going bankrupt. Cyber threat actors being able to wander around a company’s system for months undetected and knowing how the organization would fight their attacks. Those are just some of the new normal in the world of cybercrime, according to experts. The companies most at risk are not necessarily what you might think.
“Ransomware is projected as a big business problem, but last year three quarters of attacks were on small businesses because they have less sophisticated defenses, are more vulnerable, and they have a tendency to pay,” said Rob Kolb, president of Premier Mindset. “The bad actors are not just targeting one portion of your business, but all aspects – particularly your financials.”
During a recent webinar produced by Tower MSA Partners, Kolb said additional trends expected in cyber attacks this year are that artificial intelligence will play an increasing role in both cyber-attacks in the hunt for vulnerabilities and on the defense side to understand the trends of hackers; and growth in the number of attacks using social engineering methods, such as phishing and scareware that require human interaction.
Cybercrime damages are expected to cost $6 trillion by next year; it is more profitable than the global trade of all major illegal drugs COMBINED.
“All hackers taken together, cybercrime damages would give them the 3rd ranked gross domestic product in the world [behind only the U.S. and China],” Kolb said. “We’re obviously dealing with some huge threats, particularly from a financial impact.”
A survey of 1,000 businesses showed that 11 percent of very small businesses and 44 percent of midsized companies have experienced a data breach in the last 12 months. Of these, the following were the outcomes:
69 percent were offline for a limited time
37 percent of businesses suffer a financial loss
25 percent filed for bankruptcy
10 percent go completely out of business
The issue is especially concerning for organizations involved in Medicare Secondary Compliance issues, as large amounts of personal and protected health information is transmitted among employers and insurers and the Centers for Medicare and Medicaid Services.
“Various entities gather [information] and are vulnerable to cyberattack,” said Daniel M Anders, chief Compliance Officer for Tower MSA. “Information goes into Medicare Set Aside reports, conditional payment services, etc. It’s sensitive data. Hackers want to get after it.”
Ensuring data security requires an in depth understanding of the constantly evolving world of cybercrime and expertise to address the very latest issues.
“… 60 percent of small companies go out of business within six months of falling victim to a data breach or cyberattack,” said Chris Nyhuis, CEO of Vigilant. “With both the financial security and future of your business on the line, it’s crucial for organizations of all sizes to have measures in place to monitor suspicious network activity.”
The average cost of a single breach is $3.62 million for small and medium sized companies, Nyhuis explained. For larger companies, the average amount is typically in the tens of millions of dollars.
“A primary cause of these risks was found to be complex, misaligned organizations with a lack of security connectivity, scalability and agility,”Nyuis said, “and the biggest was too few qualified people to manage security systems.”
Among the emerging trends in cybercrime is the ability of hackers to get and stay in an organization’s systems. “Security attacks are getting more and more prevalent and that’s pretty well known,” Nyhuis said. “But what isn’t well known is how long these threat actors are in your environment. The longer they’re there they start to delete evidence and they start to really get to what they are there for.”
That happens despite the best efforts of a company. Firewalls may be in place, security information manager (SIM) products are there, all the boxes for compliance targets are checked, anti-virus , machine learning and AI are all there.
“The problem is if a threat actor enters in your environment at 1:02 on the clock and it takes you six months to deploy a technology in your environment,” Nyhuis said. “So say you’re deploying out a SIM product, right. It takes 6 months to deploy that SIM product or it takes 7 months to create a security policy and disaster recovery plan. Well, that means that threat actor’s been in your environment already for 7 months. Once you get that technology deployed the average the industry has to detect at that point is 99 days. So add another three months there. So now you’re nine months in, 10 months in, that threat actor’s been there for 10 months before you even had the opportunity to detect them at that point. And that’s if you deployed the right technology first to be able to detect that threat actor.”
Security technologies that focus on detection first can shorten the amount of time a threat actor can operate inside a company’s environment before preventive controls are deployed or detects them, Nyhuis said.
He also suggests companies avoid using what he called Credit Card Security; that is, security technologies that can be purchased online with a credit card and delivered by mail. “That technology will actually have a high probability that it will fail you,” Nyhuis said. “Here’s why: because if you can purchase it, so can a threat actor. And what threat actors are doing is they are buying these technologies, they are reading your best practice documents, and they know what you do.”
For organizations such as Tower, the experts have implemented a variety of measures to better ensure security.
Hosting a ‘private cloud’ network, which is more secure than a ‘public cloud’ network
Securing email systems with DomainKeys identified mail, and Domain-based Message Authentication, Reporting & Conformance
Changing passwords every 30 – 60 days
Closing unused firewall ports
Obfuscating personally identifiable information and protected health information in email
Allowing users to download their own reports via portal instead of emailing them
Training Employees on how to recognize Email Phishing
“Where is your cybersecurity within your priorities in your business?” Kolb said. “Constantly be evaluating where you have security risks.”