Cybersecurity breaches are often a result of improperly secured systems and a lack of user education and awareness—which means they can often be prevented with a more stringent cybersecurity strategy.
In 2016, there were more than 1,000 data breaches affecting 36.7 million records reported in the United States, according to the Identity Theft Resource Center. This represents a 40% increase compared with 2015. As of July 2017, there have been 858 reported breaches affecting 16.4 million records, not including the recent Equifax breach, which affected 143 million people. Current projections for 2017 put the total number of breaches around 1,500—a 50% increase over 2016.
It’s important to note that these breaches aren’t only happening to large organizations. They’re also happening to small and mid-sized organizations, as attackers begin to target these entities more frequently due to their lack of sophisticated security controls.
Most reported breaches are due to hacking; email phishing; or malware, especially ransomware. In fact, ransomware, whereby an attacker locks or encrypts a victim’s data until a payment is made, has become one of the biggest threats facing businesses and other organizations today. The latest statistics from the 2016 Kaspersky Security Bulletin show that a company is hit with ransomware every 40 seconds, which is up from every two minutes in early 2016.
One of the main delivery methods of a ransomware attack is through email phishing, which is a social engineering technique that uses email to deceive end users into providing sensitive information, such as:
- Social security numbers
- Payment card information
A phishing email will typically use a Word, Excel, or PDF attachment to carry the ransomware program, which infects the target’s computer once the attachment is opened. Some ransomware variants, such as WannaCry and Petya, have been able to infect multiple systems at once and disable an organization’s operations for days, and sometimes even weeks.
The average payment is around $1,077 for victims who pay the ransom; however, the costs can escalate quickly for larger organizations. For example, a major web-hosting provider recently paid more than $1 million to attackers to regain control of its data. Regardless of whether an organization pays the ransom, the amount of time it takes to recover from these types of attacks can be crippling.
Protecting Your Organization
So how do individuals and organizations protect themselves? The answer is part training and part technology.
The main reason ransomware attacks are so prevalent and successful is because end users unknowingly open infected emails and attachments due to a lack of user education and cyber-awareness, making these users the weakest link in any security program. As such, organizations can benefit from investing in providing training for these end users.
Awareness training is a necessary first step in any security program, yet many organizations don’t take it. This is often because it requires time and resources to establish and commit to a training program as well as the backing of an organization’s governing body, management, human resources department, and IT—which can sometimes overwhelm organizations.
Organizations should consider providing security awareness training for every new hire and instituting an annual refresher course for all employees. It’s imperative that organizations also employ other methods, such as a monthly email reminder or awareness posters in the break room, to frequently remind end users about safe computing habits.
Organizations must work to ensure their IT systems are current and include rigorous protections to deter and detect attacks, such as:
- Network infrastructure design and perimeter protections
- Anti-malware and data leakage strategy
- Security information and event management solutions
- Incident response procedures
- Backup and restoration processes
Once these systems are in place, organizations stand to benefit from having them tested annually by an independent and qualified third party to help make sure they’re implemented properly.
It takes time and commitment to provide the training and technology to protect an organization, but when done properly, it can greatly reduce the risk of a cybersecurity breach stemming from a ransomware or phishing attack.
We’re Here to Help
For more information on how to improve cybersecurity at your organization, contact your Moss Adams professional.