–Insights from Ephraim Ebstein, CEO, Freedom Security Alliance
Many do not fully understand why cyber breaches are on the rise. The reason is very simple; it is extremely profitable. Data theft is profitable for the criminal with very little risk of repercussions. Cybercrime is no longer just a “super evil hacker” just trying to wreak-havoc. Cybercrime in 2017 will most typically be smart young men and women with little opportunity trying to scrape together a living. Imagine a young man living in Eastern Europe or Asia with very little financial opportunity and unopposed to unethical behavior. Cybercrime offers this person the opportunity to make a very good living from the comfort of their home, tax free!
Ransomware on the Rise
Ransomware is currently one of the most common security breaches. Many have read in the news about the successful Ransomware attacks on multiple healthcare, financial organizations, law firms, and even the San Francisco Rail System have been recent victims. The cost of a Ransomware breach is astronomical and not because of the ransom cost. The cost of downtime and reputation is extremely damaging and usually is far greater than a ransom itself. Compliance is also impacted, for example HHS will automatically consider any Ransomware attack a breach of private healthcare information and organizations must follow the government-mandated HIPAA notification process.
Ransomware Software can easily be purchased online for a criminal to use. Criminals then simply need to research their targets, draft emails, website advertisements or fake invoices to trick someone into clicking their link. It is easy for criminals to use and often pays off.
Will the trend go away?
Not likely as the money is too easy and too good for criminals to turn down. Therefore, Cybersecurity must be a multilayered approach. Basic defense such as intrusion prevention, Antivirus, strict password policies, and application use policies are a must, but no longer enough to stop criminals. The Cybercrime world has now advanced to the point that IT Departments need help and cannot rely on tools alone. Most companies have started to outsource 24/7 investigations, monitoring, and security assessments to Cybersecurity experts such as Freedom Security Alliance. Others have chosen to hire a team of Security Experts to monitor and investigate the environment around the clock. Very similar to an alarm monitoring service for homes, companies today require “eyes on glass” to stop that one breach that will eventually come. At FSA we take this responsibility seriously. When our team stops a data breach it pays itself off many times over.