10 Spine Chilling Cyber Security Facts

10 Spine Chilling Cyber Security Facts

0 Comments

It’s that time of year again. The air is getting colder, leaves are starting to fall, and kids in costumes are running from door to door. Before you turn on the next horror movie and jump at the slightest bump in the night, take a moment to read these truly scary facts about cyber security.

The most terrifying part about reading these grave statistics is that they appear to get worse every year. In the event your company needs a little motivation to pay more attention to your cyber security measures, please take a close look at these spine-chilling cyber security facts!

According to cyber security experts, a cyber attack occurs at least every 30 seconds with about 4,000 ransomware attacks a day (a 36% increase in 2017), and these numbers are projected to get worse.

Microsoft predicts that the potential cost of worldwide cybercrime will soon rise to $500 billion and a data breach will cost the average company almost $4 million.

According to the National Cyber Security Alliance, up to 60% of small and medium-sized businesses that suffer a significant cyberattack will go out of business within six months.

1 in 131 emails contains malware, and Panda security reports that 230,000 new malware samples are being produced every day. 58% of malware attacks are targeted at small businesses.

Microsoft estimates that 63% of all network intrusions and data breaches are because of compromised user credentials.

92% of malware is delivered through email, and Symantec reports that 88% of hacker emails use malicious attachments to deliver their attack.

According to the Ponemon Institute, only 21% of small and medium-sized businesses rate their ability to withstand cyberattacks as highly effective with a humbling 81% reporting that hackers have successfully evaded their cybersecurity measures.

Microsoft estimates that the average cybercriminal spends about 146 days within a network before being detected. Other reports put this depressing figure closer to 200 days.

IBM reported that the most rapidly growing cybersecurity threat is from crypto mining, which is malware designed to take over a system’s resources in order to mine cryptocurrency without the victim’s knowledge. 

The steadily growing amount of cybercrime will correspondingly increase the need for cybersecurity professionals to deal with these threats. However, according to CSO, the number of unfilled cybersecurity jobs is expected to increase from 1 million in 2016 to 3.5 million in 2021.

To put a little perspective on how seriously business leaders feel about growing cyber security threats, in a recent interview Warren Buffet mentioned that he considered cybersecurity threats a greater threat to mankind than nuclear war. If that doesn’t scare you, check out the facts below!

scary cyber security facts

Data Security in Online Banking

0 Comments

In today’s world of banking it seems as if everything is done online. Having digital records of all your financial assets is a great idea, if done correctly. 

However, one risk that online banking faces and isn’t talked about very much about –is the possibility that bad players can do great harm to the financial data.

We’ve all heard about the risks of ransomware attacks, but what would happen if a bad apple within the organization were to “delete” all the institutions data? Not only would mass panic and chaos ensue, but the consequences would be overwhelming.

Thanks to this amazing thing we call the internet, there are more ways than ever to hack a bank. According to report by Positive Technologies, banks are just as prone as any other institution to cyberattacks. In fact, hackers often get credentials through phishing scams.

The report shows that “employees at 75% of banks reviewed had clicked on links in phishing messages, and those at 25% of banks entered their credentials in a fake authentication form.”

While banks have suitable solutions for recovering from normal events such as natural disasters, blackouts, and human error; they have a lot of learning to do in being able to survive and quickly recover from a cyberattack.

Online Banks Protecting Data

How can a bank’s data be protected? The answer is far more complex than investing in the best cybersecurity systems. Banks already spend vast amounts on IT security, in some cases more than three times the amount of nonfinancial institutions.

In addition, banks are mindful to protect data by backing it up. Data backups are created using multiple copies of critical data such as customer transactions.

Some of those copies are recorded at the time the transaction occurs and others are recorded every hour, day, or week. Several of the backups use databases or application technologies, whereas others use traditional or cloud storage.

If somehow hackers gained authorizations to the storage system itself, they could possibly corrupt or erase the critical data or all the copies of that data. 

Banks should have off-site recovery plans in place like tape backups. However, those take time to get online, and might not include the most recent customer transactions since they’re kept in an offline state. So, if hackers can just as easily destroy backup data as they can original data, what can banks do to protect their customer’s data?

In order to ensure data security and survive a cyberattack that intends to erase critical data, banks should observe to the following protocols:

  1. Identify the critical data that is required for operating the business. Obviously no business critical data should be labeled as unimportant, but you should be able to identify which data is deemed absolutely necessary to keep the business afloat. That data should have multiple backups in multiple locations.
  2. What is the resiliency for each data type Ask yourself, how long will it take the business to recover if any data is destroyed? Depending on the data that is lost, it could take hours, days, or even weeks to fully recover. How much revenue would be lost in that time?
  3. Create an infrastructure that provides the level of protection your business needs.A smart data protection strategy is to regularly backup data to WORM or write-once, read-many storage devices. This guarantees that data cannot be overwritten or corrupted. Such data storage devices should be secured with credentials that are only available during non-business hours.
  4. Always confirm that the cyber-recoverability requirements are correctly executed in your infrastructure.It is imperative to confirm after each change, upgrade, update, or modification, which takes place in your IT infrastructure that the recovery requirements are still intact and understood by all stakeholders.