Before the 1980s, Medellin was the Colombian version of Sleepy Hollow, a small blimp on the map that nobody really took notice of. Then came Pablo Escobar and introduced the world to what would become the biggest trade at the time.
Prior to 2016, cyber crime (as we know it now) was also a tiny blimp on the map that nobody really paid a lot of attention to. How this has changed over the years.
Bigger than the drug trade.
I recently read an article which pointed out that cybercrime has become bigger than the drug trade.
The bizjournals.com article pointed out that the billions that drug cartels make are nothing compared to the earnings of today’s cybercriminals.
The article added that by 2021, cybercrime is expected to cost the world $6 trillion yearly, making it more profitable than the global illegal drug trade, according to data provider Cybersecurity Ventures.
The article pointed out that the FBI says the cybercrime epidemic has grown out of proportion. It’s not so far-fetched to think that personally identifiable information of nearly every American is now on the dark web. One reason for this is that the rate of internet connection is far outpacing our ability to make it safe.
Knowing this, how can small-and-medium-sized businesses (SMBs) protect themselves from this growing threat? What can they do to avoid losing important data? Sitima Fowler, Co-Chief Executive Officer at Capstone IT told bizjournals.com that a lot can be done. Below is the reproduction of the interview.
Why are SMBs vulnerable to cyberattacks?
SMBs are especially vulnerable to cyberattacks because the need for security doesn’t necessarily scale with the size of a business. Small businesses are vulnerable to the same threats as larger ones, but often lack the resources to fully implement network security.
Additionally, SMBs may lack the expertise to make informed policy and configuration changes in response to emerging threats.
What is an SMB’s most vulnerable area of concern when it comes to cybersecurity?
The most vulnerable area of concern for cybersecurity is the internal threat. That doesn’t necessarily mean that employees are actively trying to compromise an employer’s network (though they might), but that these people are susceptible to assisting a cybercriminal accidentally. From clicking on malicious links, plugging in infected USB drives, to divulging configuration details over the phone, a trusted employee can be a cybercriminal's best assistant.
How can SMBs protect against internal threats?
Train employees to recognize threats and limit access to data. Not everyone is able to recognize how to identify an email that looks like it comes from their bank or from eBay, but everyone should know to forward the message to IT if unsure. Training also helps employees recognize signs of social engineering and explains the dangers of plugging in an unknown USB drive or connecting to an unknown network.
What else should SMBs do to protect themselves and their data?
One of the most important security measures for SMBs to take is properly securing remote access to their networks. While convenient, remote access mechanisms often lack adequate security to defend against attackers scanning the Internet. If you connect to a terminal server or office PC, protect that connection with a VPN. Make sure that multi-factor authentication is enabled on web portals.
What about the data itself? Do I need to encrypt everything?
We recommend encrypting mobile devices that store company data, such as laptops, even if not required by regulatory compliance obligations. Knowing that a machine is encrypted means that the cost of a lost or stolen laptop is just replacing the laptop, rather than a potential release of corporate data.
To protect SMBs from cybercriminals, Fowler recommends the following:
- Train your employees. Employee training isn't just understanding how to identify forged emails. It includes policies, handling security incidents, and encouraging safe online behavior and password best practices;
- Set up and implement stringent security policies. Develop and enforce policies that meet a client’s security goals and regulatory compliance requirements. Organizations covered by the Health Insurance Portability and Accountability Act (HIPAA), for example, are required to ensure the security of private records with a combination of advanced encryption systems, threat prevention tools, and backups;
- Monitor the network. Do this regularly to check for abnormal behavior, access pasterns, and vulnerabilities that may result in a breach; and
- Ensure perimeter security and access restrictions — Firewalls and intrusion prevention systems must inspect all traffic for viruses and intrusion patterns. It's also important to give each user the bare minimum access privileges necessary to perform their jobs to prevent unauthorized access and use of key systems.
In terms of risk, there are obvious targets and not so obvious targets. But how do we asses this? Did you know that South Africa is one of the countries that is unprepared if it experienced a significant cyber-attack?
The all4women.co.za article points out that Global security awareness training and simulated phishing platform, KnowBe4 has on Wednesday warned eight countries to be aware of cyber crime
This comes after the survey found that South Africa, Kenya, Nigeria, Ghana, Egypt, Morocco, Mauritius and Botswana citizens were not prepared for the cyber threat.
The report shows that only 65 percent of respondents across all eight countries were concerned about cybercrime.
Trust is good enough.
The article points out that the survey shows that 53 percent of Africans think that trusting emails from people they know is good enough, while 28 percent have fallen for a phishing email and 50 percent have had a malware infection.
The survey shows that 64 percent do not know what ransomware is and yet believe they can easily identify a security threat, while 52 percent do not know what multi-factor authentication is.
The article adds that the survey points out that from ransomware to phishing to malware and credential theft, users are not protecting themselves adequately because they mistakenly think they’re informed, ready and prepared. Around 55 percent believe that they will recognize a security incident if they see one.
Of all the countries surveyed, Kenyans and South Africans were the most concerned about the risk of cybercrime and yet respondents were comfortable giving away their personal information if they understood for what it was being used.
Any means necessary.
The all4women.co.za article points out that many phishing scams will use any means necessary to tease out valuable nuggets of personal information and phone calls or emails from so-called ‘trusted sources’ were among the most common methods used.
For South Africans, a worrying 31,5% thought that a cyber threat that encrypts files and demands payments was a Trojan virus and 26,9% of Kenyans agreed. Egypt and Morocco thought it was a drive-by download, while Ghana thought it was a botnet.
The KnowBe4 survey suggests that it has become critical that organizations train employees around security best practices and the various methodologies that the cybercriminal uses.
The article adds that this not only helps to minimize the growing risk of human error that’s allowing threats to bypass their complex and powerful security systems but helps to protect their employees.
The survey has highlighted the areas that are most vulnerable and where people need the most help in learning about cyber threats.
Education is key to ensuring that employees are aware of the risks, understand the threats and make more concerted efforts to protect themselves from infection.
North of the borders.
Are African countries facing the cyber threat alone? No, many European countries are also scrambling to get their defenses in order.
The information-age.com article points out that Specops‘ study on cybercrime, which analyzed the percentage of cloud attacks on Azure alongside the proportion of machines encountering cryptocurrency mining, malware and ransomware per month, found that the Netherlands is the most vulnerable among European countries.
The article adds that, in the Netherlands, machines have faced a cyber breach rate of 17.64%, as well as facing the largest proportional amount of cloud provider attacks on Azure (16.28%).
Coming in second overall is Bulgaria with 17.55% incoming attacks, with Belarus, Ukraine and Bosnia and Herzegovina facing a rate of 10.83%, 10.35% and 7.06% respectively.
Conversely, Ireland was found to be the country that is least at risk, with a rate of 1.08%, followed by Norway (1.38%), and Denmark (1.6%).
The article pointed out that Specops Software’s senior vice-president of global marketing, Aimée Ravacon, provided three things to consider in order to minimize cyberattack risk:
- Stop re-using passwords. When you reuse your passwords, you are opening yourself up to cybercrime since attackers use your login information from one site to target another site;
- Use multi-factor authentication. Many online services now offer multi-factor authentication, but too few people are taking advantage of this extra security layer. This simple step just takes a minute but can protect you from falling victim; and
- Be wary of suspicious-looking links: “Phishing emails are designed to look real and can even appear to come from people you know. But clicking on links in a phishing email can open a backdoor for an attacker.
Cloud attack encounters.
The information-age.com article points out that with the Netherlands topping the list for cloud attack encounters, Bulgaria, as well as coming in second overall, came in behind the Netherlands in this category as well (11.68%).
Other high-ranking countries when it comes to attacks on Azure accounts included France (2.73%), the UK (2.02%), and Finland (1.72%).
The article adds that Belarus was found to have had the most malware attacks among European countries; 10.17% of machines in the country encountered them per month, followed by Ukraine (9.57%), Bosnia and Herzegovina (6.76%), and Romania (5.92%).
Ireland, on the other end of the scale, only encountered a 0.7% monthly rate for malware cybercrime, with the other least vulnerable European countries in this category being Finland (1.27%), Norway (1.33%), and the Netherlands (1.33%).
The information-age.com article points out that ransomware-orientated cybercrime was encountered the most in the Ukraine with a monthly rate of 0.09%, followed by Belarus and Bosnia with 0.06% and 0.05% respectively.
The UK, Ireland, the Netherlands, France, Germany, Switzerland, Denmark, Sweden, Norway and Finland all encountered the lowest rate of ransomware with 0.01%.
The article points out that, for attacks on cryptocurrency, Belarus (0.42%) received the highest rate per month, followed by Ukraine (0.33%), Bosnia and Herzegovina (0.25%), and Bulgaria (0.17%).
Machines in Switzerland, the home of the blockchain ecosystem Crypto Valley, only received a rate of 0.02%, higher than just one country, Ireland with 0.01%.
Specops used credentials from Microsoft’s Security Intelligence Report to conduct the study.
The hero of it all.
When you read endless articles about the severity of cybercrime, it becomes hard to find a hero in the tale. However, despite the craftiness of cybercriminals, they still haven’t managed to hack Blockchain.
The fxstreet.com article pointed out that Since the FBI began collecting cybercrime data in 2015, more than 1.7 million complaints have been logged by the bureau, resulting in $10.2 billion in losses.
Criminals are getting so sophisticated. It is getting harder and harder for victims to spot the red flags and tell real from fake Donna Gregory of the FBI told media sources.
The fxstreet.com article pointed out that 2019 has been a year flooded with news about ransomware infections hitting left and right. Companies in the private sector, managed service providers, schools and municipalities have been hit the most.
- 113 state and municipal governments and agencies were hit;
- 764 healthcare providers were affected; and
- 89 universities, colleges and school districts, with operations at up to 1,233 individual schools potentially affected.
No hack here.
What’s this got to do with blockchain or cryptocurrencies?
The article points out that it has a lot to do with cryptocurrencies. That’s because blockchain is going to put cyber scumbags out of business. And, it’s going to create big opportunities for businesses and investors. Why?
Because no one has ever hacked Bitcoin. That’s because Bitcoin is stored over blockchain, the most secure computing network in the world. And this security is exactly why the business world is rapidly incorporating blockchain technology into their corporate databases.
The article adds that the key factor of blockchain security is its decentralization. There is no central location for cyber thieves to search for your personal data.
Instead, blockchain is a record-keeping digital technology based on a “distributed ledger,” which means that data is stored over millions of servers all around the world. A cyber scumbag would need to go from one data point to another, one at a time, as opposed to accessing a centralized database.
The result is that cyber thieves no longer have a single point of entry, and ...
Can only access a small part of your information, even if they manage to break in.
And it can’t be overstated just how difficult it would be to access even one data point. We’re talking computing power that most people can’t comprehend, let alone have access to.
The article points out that your personal data, once confirmed on the blockchain, is part of the ledger forever. Fraudulently altering them is impossible. No wonder that businesses all over the world are scrambling to incorporate blockchain technology into their security solutions.
Cybersecurity expert Cybersecurity Ventures forecasts that total global spending on cybersecurity will exceed $1 trillion cumulatively over the next five years.
You can be sure that a big chunk of that $1 trillion jackpot is going to find its way into the coffers of the blockchain service providers and a piece of that action may find its way into the pockets of investors who include those kinds of stocks in their portfolios.