Month: September 2022
The 5 most common types of Cyber attacks in 2022
Increasingly cybersecurity needs to be thought of as a critical component in business continuity. It is the beating heart of business, how we communicate and collaborate. Failure in this critical component can bring business to a grinding halt. This article will cover:
- Cyber security statistics
- 5 most common types of Cyberattacks
- Security best practices
- Microsoft Security Solutions
With ever increasingly complex environments, with hybrid work and the move to the cloud, the risk only increases.
Let’s look at some statistics to put this into context:
- 2021 was one of the most active years for cyberattacks. According to Check Point Research, cyberattacks increased 50% year-over-year, with each organization facing 925 cyberattacks per week globally.
- The average total cost of a data breach increased from $3.86 million to $4.24 million in 2021. (IBM)
- In 2020, the average time to identify a breach was 207 days. (IBM)
- 95% of cybersecurity breaches are a result of human error (Cyberint)
- The five most common cyberattacks in 2021 included phishing, ransomware, malware, data breach and Distributed Denial of Service DDoS
The 5 most common types of cyber-attack:
1: Phishing:
Phishing is a type of social engineering that uses emails, text messages, or voice mails that appear to be from a reputable source to convince people to give up sensitive information or click on an unfamiliar link. Phishing and other types of social engineering attacks are the most prevalent and dangerous types of cyberattacks. 85% of breaches involve the human element (Verizon). Phishing attacks are responsible for more than 80% of reported security incidents, with 90% of data breaches occur due to phishing (Cisco).
2: Ransomware:
Ransomware is a form of extortion that uses malware to encrypt files, making them inaccessible. Attackers often extract data during a ransomware attack and may threaten to publish it if they don’t receive payment. In exchange for a decryption key, victims must pay a ransom, typically in cryptocurrency. Not all decryption keys work, so payment does not guarantee that the files will be recovered.
Security provider SonicWall reported nearly 500 million attacks through September 2021, with a staggering 1,748 attempted attacks per organization. This is equivalent to a business facing 9.7 ransomware attempts every day. (SonicWall)
The average ransom paid by mid-sized organizations was $170,404 while the average cost of resolving a ransomware attack was $1.85 million (Sophos)
3. Malware:
Malware is a catchall term for any malicious software, including worms, ransomware, spyware, and viruses. It is designed to cause harm to computers or networks by altering or deleting files, extracting sensitive data like passwords and account numbers, or sending malicious emails or traffic. Malware may be installed by an attacker who gains access to the network, but often, individuals unwittingly deploy malware on their devices or company network after clicking on a bad link or downloading an infected attachment.
In 2020, 61 percent of organizations experienced malware activity that spread from one employee to another. In 2021, that number rose to 74 percent, and in 2022, it hit 75 percent (Mimecast).
4. Data Breach:
A data breach occurs when the data for which your company/organisation is responsible suffers a security incident resulting in a breach of confidentiality, availability or integrity. (EU)
1,291 data breaches through September 2021. This number indicates a 17% increase in data breaches in comparison to breaches in 2020, which was 1,108. There is also a steep increase in the number of data compromise victims (281 million) during the first nine months of 2021 (ITRC)
The average total cost of a breach in 2021 was $4.24 million. (IBM)
5. DDOS
A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
There were 9.84 million DDoS attacks in 2021. (HIPPA) The average cost of a DDoS attack in the US is around $218k without factoring in any ransomware costs (Corero)
Cybersecurity best practices:
With the move to hybrid and remote work, a security model needs to be adopted that protects people, devices, apps and data regardless of location. A Zero Trust framework starts with the principle that you can no longer trust an access request, even if it comes from inside the network. To mitigate your risk, assume you’ve been breached and explicitly verify all access requests. Employ least privilege access to give people access only to the resources they need and nothing more
Conduct regular cybersecurity training
Cybersecurity is a shared responsibility across the organisation. As shown by earlier statistics most attacks come from human error/inside the org. With personal and work devices used interchangeably, the risk is compounded. Regular training can help mitigate risk and prepare your employees in the event of an attack.
Institute cybersecurity processes
To reduce your risk from cyberattacks, develop processes that help you prevent, detect, and respond to an attack. Regularly patch software and hardware to reduce vulnerabilities and provide clear guidelines to your team, so they know what steps to take if you are attacked.
You can get guidance from cybersecurity frameworks such as the National Institute of Standards and Technology (NIST).
Invest in comprehensive solutions
As the risk to your business from cybersecurity increases, as does the technology solutions that help address security issues. I’ll address some of the Microsoft offerings below
Protect access to your resources with a complete identity and access management solution that connects your people to all their apps and devices. A good identity and access management solution helps ensure that people only have access to the data that they need and only if they need it. Capabilities like multifactor authentication help prevent a compromised account from gaining access to your network and apps.
Stay ahead of threats and automate your response with security information and event management (SIEM) and extended detection and response (XDR). A SIEM solution stitches together analytics from across all your security solutions to give you a holistic view into your environment. XDR protects your apps, identities, endpoints, and clouds, helping you eliminate coverage gaps.
Identify and manage sensitive data across your clouds, apps, and endpoints with information protection solutions that. Use these solutions to help you identify and classify sensitive information across your entire company, monitor access to this data, encrypt certain files, or block access if necessary.
Control access to cloud apps and resources and defend against evolving cybersecurity threats with cloud security. As more resources and services are hosted in the cloud, it’s important to make it easy for employees to get what they need without compromising security. A good cloud security solution will help you monitor and stop threats across a multicloud environment.
Microsoft Security products:
Azure Active Directory: Cloud Active directory. Secure adaptive access with a complete identity and access management solution.
Microsoft Sentinel: Birds-eye view across the enterprise with cloud-based SIEM and AI.
Microsoft 365 Defender: Prevent and detect attacks across your identities, endpoints, and apps with automation and AI.
Microsoft Defender for Cloud: Protect multicloud and hybrid cloud workloads with built in XDR capabilities
Microsoft Defender for Cloud Apps: Deep visibility of cloud apps with a leading cloud access security broker.
Microsoft Defender for Endpoint: Discover and defend Windows, macOS, Linux, Android, iOS and network devices against sophisticated threats.
Microsoft Defender for Identity: Protect on-premise identities and help detect suspicious activity with cloud intelligence.
Microsoft Defender for IoT: Full visibility and continuous threat monitoring of your IoT infrastructure.