• Latest
  • Trending
Crime Is Leveling Up – And Businesses Aren’t Prepared

Crime Is Leveling Up – And Businesses Aren’t Prepared

December 31, 2021
Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022
8 Most Common Causes of a Data Breach

5.7bn data entries found exposed on Chinese VPN

August 18, 2022
Fibre optic interconnection linking Cameroon and Congo now operational

Fibre optic interconnection linking Cameroon and Congo now operational

July 15, 2022
Ericsson and MTN Rwandacell Discuss their Long-Term Partnership

Ericsson and MTN Rwandacell Discuss their Long-Term Partnership

July 15, 2022
Airtel Africa Purchases $42M Worth of Additional Spectrum

Airtel Africa Purchases $42M Worth of Additional Spectrum

July 15, 2022
Huawei steps up drive for Kenyan talent

Huawei steps up drive for Kenyan talent

July 15, 2022
TSMC predicts Q3 revenue boost thanks to increased iPhone 13 demand

TSMC predicts Q3 revenue boost thanks to increased iPhone 13 demand

July 15, 2022
Facebook to allow up to five profiles tied to one account

Facebook to allow up to five profiles tied to one account

July 15, 2022
Top 10 apps built and managed in Ghana

Top 10 apps built and managed in Ghana

July 15, 2022
MTN Group to Host the 2nd Edition of the MoMo API Hackathon

MTN Group to Host the 2nd Edition of the MoMo API Hackathon

July 15, 2022
KIOXIA Introduce JEDEC XFM Removable Storage with PCIe/NVMe Spec

KIOXIA Introduce JEDEC XFM Removable Storage with PCIe/NVMe Spec

July 15, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Sunday, 29 January, 2023
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

Crime Is Leveling Up – And Businesses Aren’t Prepared

by ITECHNEWS
December 31, 2021
in Leading Stories, Opinion
0 0
0
Crime Is Leveling Up – And Businesses Aren’t Prepared

Cybercrime is big business. Not just because of the payoffs from breaching organizations, but from the knowledge share industry that’s grown up around it. Thanks to online marketplaces that exist on the dark web, you don’t need advanced IT skills to compromise an organization. All you need is an internet-connected device.

This has lowered the barrier of entry to cybercrime. Now someone with a few hacking skills of their own can buy everything they need online. What does this mean for cybersecurity teams? Expect attacks to increase in both volume and sophistication.

YOU MAY ALSO LIKE

Inaugural AfCFTA Conference on Women and Youth in Trade

Instagram fined €405m over children’s data privacy

There are a lot more businesses can (and should) be doing to level up their defenses against this rising tide of threats.

Teamwork Makes the Scam Work

In the legitimate business world, it’s impossible to find an organization that operates as an island. Most will outsource tasks, use the expertise of third parties or buy software-as-a-service (SaaS). Cybercrime is exactly the same. Hackers can pick and choose from various vendors worldwide to create their perfect hack.

Some will specialize in open-source intelligence (OSINT) to find the best targets and assess vulnerabilities. Others might be hackers-for-hire who help to create an initial breach or be willing to sell the ransomware payloads they’ve designed and built. Vendors come armed with trust scores, reviews and success stories – just like a legitimate online marketplace.

Anyone Can Be a Hacker

In the past, you might expect someone who’s compromised a significant organization to have expert system hacking skills or the ability to build advanced ransomware. Consider a modern scenario in which someone based in a foreign country wants to target a large business within the US or Europe with ransomware.

Through the dark web, they can purchase OSINT on the target business, a readymade ransomware payload, plus a phishing kit complete with email templates and automation tools. Phishing is a gift to these types of cyber-criminals, as it allows them to target the human layer of an organization. It’s far easier to get a phishing email in front of an employee than it is to hack a security system.

Going through a crime-as-a-service (CaaS) marketplace costs a prospective hacker money in the first instance, but the gains they stand to make from a successful attack are much more significant. So, what should you be doing to stay safe?

Don’t Be Marked as an Easy Target

It’s naïve to think being hit by one attack means criminal gangs will move on to another target. In fact, it’s the total opposite. Cyber-criminals within the crime-as-a-service community talk, and they know who the easy targets are. If a business has been successfully hacked, it’ll soon become common knowledge how they were breached, what was taken and where it may be vulnerable to future attacks.

This is especially true with ransomware. Research has shown that 80% of organizations hit by ransomware are targeted by a further attack – and 46% are targeted by the same cyber-criminals who hit them originally! Even if data is decrypted after a ransom is paid, attackers may have also exfiltrated data to sell or keep for further blackmail.

On top of that, criminals keep a close eye on who has cyber insurance so they can be in line for a large payout in the event of a breach. This is driving up premiums and even stopping businesses with weak cybersecurity from getting cyber insurance in the first place.

Being hit even once can leave a target painted on your back. This is why it’s so important to think proactively and focus on prevention.

Businesses Need to Step up Their Defenses

An Egress survey of enterprise IT security leaders revealed only 52% feel their organization understands which areas of their business are most vulnerable to attacks. This is a concern. For starters, are you aware of what OSINT is available about your organization online? You might be surprised.

Our survey also showed 59% of IT security leaders believe they can keep their organizations safe through video training, email reminders and VPNs. This shows a lot of faith in individual employees to defend against phishing. Yet, in the face of crime-as-a-service, people need more help from technology.

Email is the favored attack vector to target the human layer as it’s free and simple to use – plus people readily make the same mistakes over and over again, despite years of cybersecurity training. Unfortunately, traditional anti-phishing technology like secure email gateways (SEGs) isn’t up to the task of defending your human layer against the most sophisticated attacks we see today. They’re too reactive and only able to respond effectively to known threats.

You need to be looking to more advanced tools that rely on machine learning and natural language processing to detect the sophisticated tools and templates being sold in the crime-as-a-Service marketplace. 

 

Source: Jack Chapman VP of Threat Intelligence, Egress
Tags: BusinessesCrime
ShareTweetShare
Plugin Install : Subscribe Push Notification need OneSignal plugin to be installed.

Search

No Result
View All Result

Recent News

Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022
8 Most Common Causes of a Data Breach

5.7bn data entries found exposed on Chinese VPN

August 18, 2022

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022

Recent News

  • Inaugural AfCFTA Conference on Women and Youth in Trade September 6, 2022
  • Instagram fined €405m over children’s data privacy September 6, 2022
  • 5.7bn data entries found exposed on Chinese VPN August 18, 2022
  • Fibre optic interconnection linking Cameroon and Congo now operational July 15, 2022
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Go to mobile version