Posted on August 4, 2019 at 1:28 PM
Companies Need Up to 50 Days to Recover After Destructive Cyberattacks
In the past, cyberattacks used to happen mostly for purposes of spying and data theft. As recent as 2018, however, research has shown that malware intended to cause harm is on the rise.
This kind of malware is known to have wiper elements; that is, the virus can delete files on the hard drive. This does not mean that the sole purpose of the malware is to delete files.
Ransomware is a type of malware that blocks a user’s access to his or her files and demands a ransom for them. Some ransomware threatens to delete the victim’s files if the ransom is not paid. It is this threat of file deletion that worries researches, who are taking notice of extremely new viruses with that ability, like LockerGoga and MegaCortex.
IBM claims that the use of this kind of malware is now twice what it was during the second half of 2018.
Companies under attack
Companies that suffer from cyberattacks usually struggle to repair the damage. When a cyberattack is successful, the target company is estimated to require 500 to 1,200 hours of working hours just to recover from the damage. This is the equivalent of up to 50 days of uninterrupted work to get back to where things were before the cyberattack.
The average number of workstations affected by a single cyberattack attack lies at around 12,000. An estimate by the Ponemon Institute puts the average cost of a data breach at $3.92 million, though the figure can be a lot higher – sometimes surpassing $200 million.
Manufacturing companies are the most affected, making up 50% of the attacks, according to research. Other specific fields, like education, are also more likely to be targeted.
Christopher Scott, who works for IBM, has identified two categories of destructive viruses: “Either the malware lies low and gathers some information before a planned and calculated attack, or it does as much damage as possible immediately after breaching the system.”
A defensive war
Companies have been investing a lot in cybersecurity for decades now. Hacking was a far easier endeavor 20 years ago than it is today. The problem is that hackers are also getting more sophisticated.
Protecting a system from viruses is an easy task; gone are the days when hackers could easily gain access to corporate databases from the comfort of their homes. The problem is that hackers have been turning to people, not computer networks, to find a breach in the system.
Modern hackers believe that people are easier to exploit than computer systems, so they rarely bother trying to bypass sophisticated firewalls. Phishing emails and watering hole attacks are among the most common ways hackers infiltrate their targets today.
Phishing emails are a way for hackers to gain network credentials. They consist of sending the target a web page that looks like a web page the target is familiar with but was actually made by the hacker. For example, a phishing email could lead someone to a fake company website log-in page. The victim would then input their real credentials, which would be sent straight to the hacker. Once the hacker has real credentials, it is easy for them to breach the system.
Watering hole attacks are a little more complex. Here, either through guesswork or observation, the attacker figures out which websites are used by the victim and breach them. Then, when the victim uses one of the compromised websites, the attacker gains access to their system.
For companies to effectively defend themselves against these new attacks, it is crucial that they implement security measures not only to their computer systems but also their workers. In a world with increasingly better cybersecurity, hackers have already realized that the easiest way into a company’s system is to trick the workers into giving them access.
