Their names are Shadow Brokers, WannaCry, Petya and Cloudbleed, and they’re just a handful of the biggest cyber security disasters of 2017 – so far. These malware and ransomware attacks have left no industry safe. Hospitals, pharmaceutical companies, the NSA, the CIA, shipping companies and even security firms have experienced crippling attacks resulting in data and monetary loss, the release of sensitive customer information and reputational damage. Although cyber attacks have been transpiring more prominently in the last 30 years, we’re now seeing a grave difference in the targets of the attacks, the severity of them, and the preparedness of the attackers.
In the early 1990s, most U.S. cyber attacks were aimed at government agencies and organizations like the U.S. Air Force, the Department of Justice, and the Pentagon. Fast forward to today, and although many government agencies are still targeted, we also have Game of Thrones fans in a panic on a weekly basis, worried that the latest episode will be hacked and leaked. The cyber hackers of recent history have illustrated a vast spectrum of varying motivations, the most common being financial gain or to advertise a political message. No matter the agenda, the costs are becoming astronomical. According to The Ransomware Damage Report, global ransomware damage costs are predicted to exceed $5 billion in 2017, up from $325 million in 2015. The costs include damage and destruction of data, downtime, lost productivity, employee training and reputational harm.
When the WannaCry strain of ransomware was unleashed across the world earlier this year, hundreds of thousands of corporations were targeted including the National Health Service hospitals in the U.K. The hackers behind the ransomware attack only pocketed $130,000, but the resulting cost is estimated to be in the billions. A week later, Disney’s CEO, Bob Iger, sought help from the FBI when hackers threatened to release the latest Pirates of the Caribbean movie if he didn’t pay a ransom. The FBI launched an investigation but concluded it was an empty threat. Although the hackers didn’t have access to the movie, their bluff highlights the complexities of the cyber attackers’ motivation. With attacks on the rise, companies are no longer apt to wait and find out whether or not these threats are valid.
A 2016-2017 global information security survey interviewed thousands of CIOs across the globe and found that organizations have become more confident in their ability to predict and detect a sophisticated cyber attack, with 50% of organizations saying it was likely they would be able to do so – the highest level of confidence since 2013. As bleak as 50% sounds, expect this percentage to increase annually as the costs of cyber attacks are anticipated to increase a billion dollars annually.
It’s no question that cyber attacks are expensive and gain worldwide attention, but why have they become more frequent in the last decade? Despite extensive research on these forms of attacks, it appears that many businesses have the same question. Companies that have seemingly been “untouched” for decades are now being targeted. Hackers have certainly become more industrialized and organized, but research institutions haven’t yet been able to determine a catalyst. Do we blame our modern political landscape? The binge-worthy shows Netflix and HBO keep producing? Economic inequality? More modernized technology that lets you attack from the comfort of your own home?
So how do you protect yourself from a potential cyber crisis? If you think you’re being attacked, disconnect your PC from your network. Do not pay any ransom (you’ll never get your data back anyway, so save your money), update your operating system regularly and keep a regular backup. Install anti-virus and anti-malware software and make sure to keep them updated. Just because you don’t work at a large corporation, doesn’t mean you’re untouchable. So for all of you out there ignoring Norton and McAfee… just do the damn update.