The FINANCIAL — Cybercrime includes a broad range of attack vectors that seek to gain unauthorised access to a network, before extracting data and money to be exploited and/or sold on the dark web.
The tools hackers use to achieve their objectives range from overt code-based attacks to trickery and social engineering, including phishing attacks – widely regarded as the most common intrusion method businesses face on a daily basis.
In a 2020 report, the UK Government estimated that cybercrime costs the UK economy approximately £27 billion per year. Companies whose data has become compromised following a successful phishing attack are in grave danger of going under.
What are phishing attacks?
The UK’s National Cyber Security Centre defines a phishing attack as any ‘attempt to trick users into doing the wrong thing, such as clicking a bad link that will download malware or direct them to a dodgy website.’
Phishing attacks predominantly occur via email. Hackers deploy sophisticated techniques (such as ‘spoofing’, where the email appears to originate from a legitimate source) to mask their intentions and fool employees into doing their bidding.
What this means in practice is fairly straightforward:
- A hacker conveys a message to a user (via text message, social media, email or over the phone) that attempts to trick the user into surrendering information.
- Once the user has either followed a link to a malicious website or downloaded a malicious file, the hacker is able to extract data or login credentials from the network that grant them wider access to multiple data sources and/or business systems.
- The hacker then either demands a ransom for restoring the company’s access to its own data, threatens to publicise the attack, steals the data, or offers it for sale on the dark web.
What are the effects?
Financial damage
In its 2020 ‘Cost Of Cybercrime’ report, the UK Government places the cost of ransomware attacks to UK business at a staggering £2.7 billion per year, and despite data protection legislation requiring businesses to report breaches of a certain nature to the Information Commissioner’s Office (ICO), many attacks go unnoticed.
In 2020, approximately £2.3 billion was lost to direct online theft or the theft of customer data. Given that phishing is the most common attack vector experienced by UK businesses, it’s reasonable to assume that a sizeable portion of the combined £5 billion resulted directly from some form of phishing attack.
What’s even harder to estimate is the cost of the remedial action that businesses are forced to take in the event of a successful attack. Entire networks serving hundreds of users are taken offline to contain further damage; business-critical financial systems that process payments may need to be paused; and costly upgrades to antivirus platforms have to be carried out immediately, without proper planning.
Reputational damage
Quite often, it’s not the financial damage incurred from an attack that wreaks the most havoc – it’s what happens to a firm’s relationships with its customer base, once they are forced to acknowledge that their clients’ data is now in the hands of criminals intent on exploiting it for financial gain.
In 2019, leading global risk management consultants discovered that in the event of an intrusion, brand damage costs more to a business than any resulting loss of working capital or man hours.
Reputational damage is notoriously difficult to quantify, and the level of risk varies from sector to sector, but across the board, businesses and consumers usually take a dim view of their data falling into the wrong hands.
Regardless of the chain of events that led up to a breach, client confidence is not easily restored. In the eyes of the customer, culpability for the breach all too often falls at the feet of the business in question, rather than the criminals who stole the data.
How can phishing attacks be prevented?
Cybersecurity & BUDR (backup and disaster recovery)
Advanced email protection platforms scan incoming email for malicious links and deploy a quarantine zone for suspect messages to either be permanently deleted or released as legitimate. Such platforms are based upon globally maintained lists of files and email domains that pose a threat, drawn from the collective research of the world’s leading cybersecurity experts.
In addition to gateway security, centralised antimalware detection should be in place across every asset in your organisation’s inventory, along with a robust and well-maintained backup schedule to guarantee business continuity in the event of an emergency.
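The gateway scan described above, as an added illustration that is not code from the article or any vendor platform: it parses an incoming message with Python’s standard email module, checks every link’s host (and its parent domains) and every attachment’s SHA-256 hash against threat lists, and returns a quarantine-or-deliver verdict. The blocklists and the sample messages are constructed here purely for demonstration.

```python
import email
import hashlib
import re
from email import policy
from email.message import EmailMessage
from urllib.parse import urlparse

# Constructed stand-ins for a vendor-maintained threat feed (domains and file hashes).
BLOCKED_DOMAINS = {"bad-login.example", "invoice-update.example"}
BLOCKED_FILE_SHA256 = {hashlib.sha256(b"MZ-constructed-sample").hexdigest()}
URL_RE = re.compile(r"https?://[^\s\"'<>]+")

def domain_blocked(host: str) -> bool:
    """True if the host or any parent domain is on the blocklist."""
    labels = host.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in BLOCKED_DOMAINS for i in range(len(labels)))

def scan_message(raw: bytes) -> dict:
    """Return the gateway verdict and the reasons it would log before quarantining."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    reasons = []
    for part in msg.walk():
        if part.get_content_maintype() == "multipart":
            continue
        if part.get_filename():
            # Attachment: compare its hash against the blocked-file list.
            digest = hashlib.sha256(part.get_payload(decode=True)).hexdigest()
            if digest in BLOCKED_FILE_SHA256:
                reasons.append(f"attachment {part.get_filename()} matches a blocked hash")
        elif part.get_content_type() in ("text/plain", "text/html"):
            # Body: every link's host is checked against the blocked-domain list.
            for url in URL_RE.findall(part.get_content()):
                host = urlparse(url).hostname or ""
                if domain_blocked(host):
                    reasons.append(f"link to blocked domain {host}")
    return {"verdict": "quarantine" if reasons else "deliver", "reasons": reasons}

def build_sample(phishing: bool) -> bytes:
    """Constructed test message; the phishing variant carries a bad link and a bad file."""
    m = EmailMessage()
    m["From"], m["To"] = "it-support@bank.example", "staff@company.example"
    m["Subject"] = "Action required" if phishing else "Updated handbook"
    if phishing:
        m.set_content("Verify your account at http://secure.bad-login.example/login")
        m.add_attachment(b"MZ-constructed-sample", maintype="application",
                         subtype="octet-stream", filename="invoice.exe")
    else:
        m.set_content("The handbook is at https://intranet.company.example/handbook")
    return m.as_bytes()
```

A real gateway would hold a quarantined message for review and release or delete it, as the article describes; here the verdict and reasons are simply returned.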
Employee training
No cybersecurity system is 100% effective at stopping external threats at source, and malicious communication sometimes finds a way to reach all levels of employees. This is precisely why staff should be made constantly aware of the ways in which criminals attempt to circumvent security systems by communicating with them directly.