Rising cybercrime puts the pressure on every business

The shift to working from home and the move to digitise all aspects of corporate operations have expanded the attack surface. This increased risk is demanding new policies, protocols and security solutions to make sure organizations don’t become victims of cybercriminals.

Cybercrime has escalated to involve an entire ecosystem of players, including hackers who carry out attacks, experts who develop the tools they need, skilled technical support teams, and middlemen who negotiate ransom payments for companies whose systems are being held hostage, says security strategist Jonas Walker of FortiGuard Labs.

Hackers can buy and sell all the services they need on the dark web inhabited by the criminal fraternity, Walker said at the recent Africa Virtual Security Day hosted by Fortinet.

Criminals can access programs that list the IP addresses of millions of remote desktops connected to the internet without proper security, and see their user names. Once a hacker has an IP address and user name, they just need the user's password to infiltrate the corporate network. That isn’t difficult when end users are notoriously lax in their behaviour, Walker told the keynote session.

Criminals can trawl through records of previously hacked accounts to pick up exposed passwords that someone may have used for their other accounts. If that fails, strong-arm software can input every common password and run hundreds of thousands of more complex combinations simultaneously.

Gone phishin’

Criminals can also phish their way into a network and introduce malware through human error. It isn’t hard to create a document that looks like a genuine corporate communication, and if just one employee clicks on it, the malware it contains will infect the network and a ransom attack can begin. After malware is installed, a hacker may take the time to snoop around and thoroughly examine the business processes, security layers and the data back-ups so they can encrypt them too.

Attacks often involve a coalition of players and take months of planning for maximum impact, said Walker, emphasising how this has become a huge and unstoppable industry. “They are top notch when it comes to support and they treat this like a normal business,” he said. As a result, an average of 1 billion attempted attacks are now being recorded every day by FortiGuard Labs.

Individual hackers often partner with organisations that develop these sophisticated tools and supply them as Ransomware as a Service. The groups also help the hackers to download or encrypt sensitive information so they can blackmail their victims.

Then negotiators get involved to bargain the hackers down and persuade the victims to pay up. “There are companies who do nothing else except support hacked businesses when it comes to ransomware negotiations. That says a lot about the times we are living in and really shows there’s a big demand,” Walker said.

It can become a surprisingly civilised process, with the hackers politely advising their victims on security steps to avoid future encounters.

Fending off the unseen threats

After painting this picture of the unseen threats around us, Walker outlined the crucial steps that every firm and individual user should be following.

Despite the crucial nature of cyber security, there are still no guaranteed defences and no perfect software that doesn’t have any vulnerabilities. “It’s not about having every silver bullet on the planet, it’s about the people in your environment and understanding the endpoint protection that you need,” Walker told the audience. “It’s a combination of skilled people, good business practices and strong technology, because the threat actors are using sophisticated equipment and getting better funded through the ransom payments.”

The most basic measures are to avoid using the same password for different accounts, and to use a password manager to generate strong, unique passwords. Two-factor authentication is also essential, so if a hacker enters the correct password, they can’t get in without the code that is sent to the genuine user.

Cyber hygiene is vital, yet companies don’t always block their networks to staff members who quit, leaving a door open to sabotage by disgruntled ex-employees. End users should also take personal responsibility and not access the corporate network with the same device that they use to stream services from unsecured sites, he added.

More openness and collaboration with regard to cybercrime is essential for beating the bad actors, Walker believes. As part of that, Fortinet is a founding member of the World Economic Forum’s Centre for Cybercrime (C4C) and of the Cyber Threat Alliance (CTA), and collaborates with organizations such as INTERPOL, NATO or the FBI to help counter cybercrime.
