Today, our businesses rely on digital technologies to a greater degree than ever before. Digital platforms and systems help us operate more efficiently, communicate more seamlessly, and deliver better value products and services to our customers. While increased digital adoption has provided widespread benefits to businesses, our complex and interconnected digital world has given criminal hackers access to new opportunities, and the cyber threat is only likely to get worse as more business activity is conducted online.
The Cyber Threat Landscape is Evolving, and Businesses Need to Prepare
The cybercrime picture in 2023 makes for some concerning reading. A profusion of capable and varied online threat actors presents a clear and present danger to firms of all sizes and across all sectors of the economy. Here are a few recent headline statistics:
- Last year, US cybercrime losses totaled $10.3 billion, the highest figure on record, according to the FBI’s Internet Crime Complaint Center (IC3).
- 43% of cyber-attacks target small to mid-sized businesses, according to Accenture’s Cost of Cybercrime Study.
- Human error plays a role in 95% of cyber incidents.
- The global cost of cybercrime is set to rise to $10.5 trillion in 2025. For context, this figure stood at an estimated $3 trillion in 2015.
- Phishing attacks remain the most common threat type, featuring in 36% of all data breaches according to a 2022 report by Verizon.
Cybersecurity analysts unanimously concede that the cybersecurity picture looks bleak, and that businesses face greater challenges than ever in terms of fortifying their digital assets. So why is the cyber threat terrain so hostile in 2023?…
Phishing Attacks Have Become More Refined and Sophisticated
Phishing remains the most common cyber risk encountered by US businesses, by a significant margin. While email remains the phishing criminal’s preferred modus operandi, recent years have witnessed a dramatic rise in mobile phishing, with half of mobile phone users experiencing a mobile phishing attack every quarter in 2022.
New technologies, and easier access to graphics and social engineering data, have made phishing more accessible to hackers and given them the tools they need to launch more convincing campaigns. Some of these tools feature AI-powered data capture capabilities, assisting criminals in crafting credible digital personas using publicly available information relating to both businesses and their employees.
Despite growing awareness, email remains the single greatest point of digital vulnerability for businesses, and the email inbox remains the primary entry portal for malware – particularly ransomware. Effective email security and employee cybersecurity awareness training are therefore two of the most impactful investments organizations can make in their security posture.
Business Email Compromise (BEC)
Business email compromise (BEC) is a form of social engineering threat whereby an attacker infiltrates a corporate email service and usually attempts to impersonate a senior company exec or a trusted trading partner. Attackers may use BEC to gain a direct financial reward, to infect a corporate network with malware by inviting users to open malicious links or visit compromised websites, or to gain access to sensitive information.
BEC has long been considered one of the most advanced and pernicious forms of social engineering attack, and the task of countering it looks set to become harder as BEC criminals enter a new arena: collaboration tools and mobile messaging apps.
BEC attacks have seen a 53% year-on-year rise, and their ability to evade traditional email filtering technologies makes them tricky to intercept using technology alone. Holistic security countermeasures encompassing policies, awareness, and overlapping technical controls provide the most effective protection against BEC and other targeted forms of social engineering.
If there is one cyber threat type that has dominated the headlines in recent years for all the wrong reasons, it’s ransomware. Ransomware incidents have skyrocketed in recent years, with an astonishing 76% of organizations targeted by ransomware in 2022. Ransomware is widely regarded as the most financially harmful form of cybercrime, with losses incurred through IT system downtime, ransom payments, legal liabilities, and reputational damage.
It’s not only a sharp increase in the incidence of ransomware that businesses need to worry about. Cybercrime analysts have also noted worrying trends in the nature of ransomware attacks, which are believed to be fueling their increased potency. Here are some of the patterns spotted:
- Supply Chain Exploitation. Ransomware criminals are increasingly targeting supply chain weaknesses in order to inflict more widespread damage. With more organizations affected, the criminals gain greater leverage, and stand a greater chance of receiving their ransom payment.
- Double Extortion Ransomware. A double extortion ransomware attack uses multiple forms of coercion. Data encryption is typically accompanied by data exfiltration and the threat of releasing the data into the public domain unless the ransom is paid within a given timeframe.
- Ransomware-as-a-service. The migration of organized criminals into the ransomware space has precipitated the rise of pay-for-use ransomware code. Now, criminals no longer have to write their own code, and can instead leverage prebuilt ransomware programs and infrastructure to orchestrate effective and sophisticated attack campaigns.
- Phishing Emails as the Primary Carrier. In 2022, phishing emails represented the biggest single delivery mechanism for ransomware. This is nothing new, but since phishing continues to grow consistently year-on-year, businesses must acknowledge the importance of email security in relation to mitigating the threat posed by ransomware.
A Ransomware Case Study: The MGM and Caesars Attack
In September 2023, MGM Resorts and casino operator Caesars suffered successive ransomware attacks which saw 6 terabytes of their data stolen by the hacking group Scattered Spider. The attacks made use of ransomware provided by ALPHV, a ransomware-as-a-service operation.
The attack on Caesars, which came first, saw the company pay $15 billion to the hacking group, negotiated down from the $30 million demanded. Days after receiving this payment, the same cybercrime group attacked MGM Resorts, causing significant disruption to its ATMs, elevators, slot machines and hotel management software.
What’s particularly notable about the MGM attack is how a simple act of deception that exploited publicly accessible information was able to inflict such profound damage against a company valued at almost $34 billion. It is understood that Scattered Spider impersonated an MGM IT employee, using information gathered from their LinkedIn account. A short phone call was made to MGM’s IT helpdesk, during which the hackers reportedly acquired login credentials, which were then leveraged to launch ransomware onto MGM’s systems. The security threat in play in this attack is known as “vishing” – a portmanteau of “voice” and “phishing.” This refers to deceptive and manipulative social engineering attacks that take place over the phone.
The attack on MGM demonstrates how cybercriminals can circumvent sophisticated technological security controls by exploiting the key vulnerability that companies big and small fail to account for: poor employee cybersecurity awareness. In this instance, the telephone request for sensitive information (the account credentials) should have been denied, and such information only shared in circumstances where ID verification can reliably be carried out. The attack speaks to a lack of cybersecurity training within MGM’s IT department, and suggests a need for robust training on the dangers of social engineering attacks.
Digital Identity Theft
Fraudulent activity and identity theft are longstanding societal problems that are burgeoning in the digital realm, as both businesses and consumers do more selling and buying online.
As businesses maintain larger digital footprints than ever before, identity scammers have gained increased visibility into workplace activities. They exploit public-facing information from social media sites to intercept business communications and perpetrate their acts of deception.
Hackers also benefit from an enlarged attack surface, as IT networks have grown over the years to incorporate a vast array of network-connected devices, with smartphones, laptops, tablets, wearables and IoT devices presenting IT teams with a fresh set of security challenges and considerations.
Internet of Things (IoT) Threats
The Internet of Things (IoT) has enabled businesses to operate more efficiently and seamlessly, facilitated by intelligent systems and greater data connectivity. From logistics to healthcare, IoT has seen widespread adoption across many industries, and this growth looks set to accelerate further in the coming years, with experts forecasting over 29 million active IoT devices globally by 2029.
Despite the benefits on offer, IoT gives rise to cyber liability considerations that businesses must be mindful of. Many of these new risks stem from IoT’s tendency to broaden the attack surface, giving hackers opportunities for network penetration that simply didn’t exist before. The growth in IoT has led to a rise in IoT-focused ransomware attacks, which see attackers use poorly secured, vulnerability-laden devices as an entry point for ransomware injection.
IoT is also being used as a vector for the transmission of malware through software supply chain attacks. Attackers hunt for and exploit vulnerabilities across the IoT supply chain, using manufacturing, distribution and updating processes as opportunities to infect devices with malware. Once connected to IT systems, these devices release their payload, whereupon it can proliferate system-wide, causing damage to the network and stealing valuable data.
Another IoT-related risk arises from poor device governance. Remote work practices and increased use of employee-owned devices have made security governance a greater challenge for IT teams, particularly in terms of monitoring and securing the IoT devices that attach to home networks. Such devices are often weakly configured in terms of security and may lack the security features necessary to provide enterprise-grade data protection.
Mobile Device Threats
Cyberattacks against mobile devices have risen by 350% in recent years, driven mainly by hybrid working practices. Today, mobile devices are responsible for a greater proportion of web traffic than desktop devices, and this growth in mobile activity has seen hackers shift their focus toward mobile device vulnerabilities.
In the absence of robust and comprehensive mobile security measures, mobile devices can present a range of cyber risks and data threats to businesses. Some of the most common include:
- Mobile Phishing. Phishing is the single biggest cyber threat businesses face, and attackers are increasingly using mobile chat applications to deliver their campaigns. These apps are harder for security teams to police than email, and can provide hackers with a route of entry to launch harmful attacks against business IT networks.
- Rogue Wi-Fi Hotspots. Hackers set up malicious hotspots which mimic legitimate, free public Wi-Fi services. Once unsuspecting users connect, the hackers can eavesdrop on confidential conversations, disseminate malware, and steal/corrupt sensitive information.
- Malware. Cybercriminals have exploited the growth in mobile devices by developing various forms of mobile malware, including spyware, ransomware, trojans, bankers and adware. From SMS and chat applications to rogue URLs and counterfeit apps, attackers use a wide range of delivery mechanisms to infect remote devices and corrupt the valuable data held within them.
- User Complacency. Studies suggest that users are less cyber-risk conscious when using mobile devices. This could be due to the perception that such devices are less security-critical than desktop devices, and their association with recreational, rather than work-related activities. This security complacency can heighten mobile device risks, and provide online criminals with a convenient and poorly guarded route of entry to organizational data stores.
Infinity Technologies – Build Resilience and Fortify Your Defenses with our Cybersecurity Solutions and Services
In the context of today’s hostile cyber threat landscape, carefully managed and comprehensive cybersecurity is critical to the success and sustainability of any business. Cyber liabilities can emerge in countless forms, which requires the deployment of technical controls and organizational measures to combat threats at every point of vulnerability.
Our services, solutions and strategic guidance will help you fortify your defenses and hardwire resilience into every facet of your digital systems. Here’s how Infinity Technologies helps businesses across Fredericksburg and Virginia counter today’s growing cyber threats:
Next Generation Antivirus (NGAV)
Our managed, next-gen antivirus combines signature-based detection with advanced AI-driven capabilities to offer network-wide protection against malware threats. NGAV leverages known-threat intelligence alongside the ability to spot anomalous network activity and the early indications of an attack. This ensures both legacy and new threats can be swiftly and decisively neutralized before they’re able to gain ground in your network.
Secure and Tested Data Backup
Our managed data backup service copies your data to multiple offsite locations, allowing for the swift restoration of entire systems or the easy retrieval of individual files. Our backup service exceeds industry best practices and the requirements set by cyber insurers, so you can be assured of a fully secure, regularly tested data backup service that helps you maintain full compliance.
User Cybersecurity Training
Without the right training, end-users can be a business’s greatest cyber liability. Our user cybersecurity training will transform your users into your organization’s greatest cybersecurity asset, ensuring they know how to detect and react to the most common cyber threats. Our all-in-one training platform features security training, phishing simulations, and dark-web monitoring, helping you build a robust security posture that recognizes the importance of human-centric cybersecurity.
Protecting data against unauthorized access or malicious intrusion is a crucial safeguard against data breaches. We’ll ensure your data is protected by the appropriate safeguards and data loss prevention controls in accordance with your compliance obligations. From multi-factor authentication and remote access management to the enforcement of password policies, we’ll ensure access to your data assets is tightly controlled, both at device and application level.
An all-encompassing cybersecurity framework should include procedural and policy-based elements which work in unison with the right technical measures. Our multi-skilled team has a deep understanding of organizational cybersecurity, and can work with you to develop policies and procedures that engrain security best practices into your company culture.
Managed Network Security
Our managed intrusion detection and prevention system (IDPS) delivers full network monitoring and live threat remediation, to provide threat protection that’s calibrated against the threats of tomorrow. From traffic patterns and sign-on attempts, to anomalous user behaviors, our live scanning is designed to detect activity that deviates from baseline norms, supporting an immediate threat response that eliminates danger before it can take hold.
Infinity Technologies – Robust Cyber Risk Protection for Virginia Businesses
From our home in Fredericksburg, Virginia, Infinity Technologies helps businesses reinforce their digital systems and build resilience against today’s growing cyber threats. Our strategic approach to cybersecurity unites people, processes and policy, to create robust security frameworks that account for every digital risk and vulnerability. To begin your journey towards a stronger cybersecurity posture for your business, get in touch today for a cyber liability review. This will help you evaluate your current defenses, and provide actionable guidance on how you can better manage cyber risks.