None of us want to imagine that a cyber attack will really happen to us. They can inflict devastation losses, from financial and technical to reputational. Unfortuntely, far too many businesses take a “it will never happen to me” approach. While it may seem cumbersomen to allocate increasing portions of company revenue to cybersecurity, you must remember that no organization is immune to attack.
The cost of protecting your business is nothing compared to the potential losses you could face. Understanding these financial implications is a valuable tool when explaining the value of investing in cybersecurity to your organization.
A recent CSO Online study found that data breaches cost enterprise-level businesses an average of $3.9 million annually, and $2.4 million for smaller companies (500 employees or less). The teams at Telegram, a popular messaging app, and the United Health Service (UHC) are experiencing the fiscal pains of cyber attacks first-hand.
Although the details of most breaches aren’t made public, many of the largest data breaches exhibit key symptoms of attacks that leverage machine identities, such as abuse of privileged access, moving between systems via trusted access, and persistence for long periods of time on the network.
A security firm recently corroborated the discovery of a phishing campaign targeting users of Telegram, a popular messaging app. A malicious domain was disguised and distributed to bypass secure email gateways and trick victims to handing over their credentials.
While Telegram does employ end-to-end encryption with its advanced service, normal messages are not encrypted. Additionally, fraudsters took advantage of Telegram’s API to create realistic-appearing domains to bypass email security.
Targets were sent what appeared to be an internal Telegram email. Classic to phishing attacks, the emails had urgent subject lines promoting the need for immediate action in bold, capital font. This type of language in subjects always be a red flag. Once opened, a button prompts users to “log in” to their account to review “pending messages”. Another red flag!
Telegram has not released official numbers on the financial impacts of this phishing campaign, but the average cost of lost or stolen credentials of is $142 per individual (according to IBM). Even a small percentage of Telegram’s 500 million active monthly users would be a major blow.
Universal Health Services (UHC), a Fortune-500 hospital network, was hit with a cyberattack that left a staggering $67 million dollars of damages in its wake. And while we can’t confirm that encryption was misused in this attack, many believe that there was a ransomware component. Subsidiaries of UHC include 26 acute care hospitals, 328 behavior health impatient facilities, and 42 outpatient and ambulatory facilities across 38 states. Suffice to say: the unexpected cyber attack had incredibly far-reaching implications.
Some of the expenses UHC had to take on included significant incremental IT labor to help repair the damage, delays in billing and receiving income owed from previous patients, as well as the steep loss in revenue from having to regularly divert incoming patients to competitors' facilities.
Even before 2020, hospitals have always been considered high-risk targets of cyber attacks. Consequences range from losing confidential patient information to the dire situations of having to turn away patients in critical care. In the wake of coronavirus, Check Point Software confirmed that cyber attacks on hospitals and healthcare organizations surged upwards by 45%.
Cybersecurity Ventures predicts that worldwide cybercrime costs will hit $6 trillion annually by the end of 2021, and $10.5 trillion by 2025. Plus, let’s not forget how COVID-19 factors in. Since the pandemic began, the FBI has reported a 300% increase in cyber crimes. The growth of remote work, which will likely continue after the pandemic finally comes to an end, has raised the average cost of a data breach by $137,000.
Considering these numbers, it is baffling that 70% of U.S. security executives expect their budgets to be significantly reduced in 2021 and 2022.
It has never been more important to invest in data encryption and network security, particularly with a vendor that is tuned into the rapidly changing landscape of cybersecurity. But you can’t stop there. If you do not protect the keys and certificates that create the machine identities used to encrypt machine-to-machine communications, then you may still be vulnerable to attack. PlusFor instance, even if you may think you have a handle on machine identity management today, but are you prepared for how new development such as quantum computing will completely change the way you need to think about certificate management?
If you’re not already investing in cybersecurity and machine identity management, now is the time to start!