Cyber-attacks: it’s no longer if but when

January 5, 2016 markmulready

The Internet has transformed how businesses operate today. Never before has so much been done online. The dark side to this connectivity is that the threat of cybercrime is increasing and becoming more professional. It’s no longer a case of if you will fall victim to a cyber-attack but when. Are you ready?

No business is immune
It’s not just Irdeto’s cyber-services team which is witnessing a growing concern about cyber-attack threats. The 2015 news headlines regularly featured highly publicized attacks: TV5Monde, Ziggo to name a couple of media examples. And in their 2015 data breach investigations report, Verizon’s figures paint a clear picture of the impact:

  • 400 million (USD) financial loss
  • 700 million compromised records
  • 79,790 security incidents
  • 2122 confirmed data breaches

Technology or human weakness
We are often reassured that an organization has the latest virus and security software installed. Of course, they’re protected. Although outdated software is a common vulnerability which hackers can exploit, the vast majority of cyber-attacks rely on some sort of human interaction.

There are numerous ways cybercriminals instigate this interaction: end users clicking on malicious links resulting in malware infections, employees falling for a phishing campaign providing their credentials or even using a “free” USB stick which they were given allowing rootkits to be installed and then accessed remotely.

Attacks come in many forms
There are a range of different attack types which a cybercriminal can use. Too many to go into each one in detail but to give you a flavor:

  • Defacement. Where attackers gain access to your webserver and replace a standard webpage with something of their choosing. (TV5Monde)
  • Distributed denial of service. Multiple systems, often compromised by malware, attack a specific target absorbing all the bandwidth resulting in customers not being able to access their service. (Ziggo)
  • Injection attacks. OTT platforms can be attacked by abusing configuration errors allowing cybercriminals to inject their own malicious code, leaving customer data records vulnerable to exploitation.
  • Zero-day. These newly discovered vulnerabilities give attackers the chance to exploit the security weakness before a patch is released. These are commonly sold to large criminal organizations.

And the costliest of all are attacks which are highly targeted to a specific organization.

Preparing for the inevitable 
The battle-lines against cybercrime differ for each customer. There’s no one size fits all. The extent that a cyber-attack impacts your organization comes down to how prepared you are and how quickly you can respond.

IT security assessments and cyber incident planning & response services help organizations understand their security posture and implement measures to reduce their exposure. Relying on experts that really understand your business ensures that as the threat landscape changes you’re able to adapt and evolve your defenses accordingly.

Cybercrime readiness is about more than just technology. It is a business challenge. Getting the basics right can significantly lower the overall risk. How ready are you?

Previous Article
Is the next-generation white box cryptography the new Jedi?
Is the next-generation white box cryptography the new Jedi?

In Star Wars: The Force Awakens, the sinister First Order dominates the galaxy, with only a small band of t...

Next Article
Balancing security and usability in the pay-media world
Balancing security and usability in the pay-media world

Let’s face it; if consumers don’t get what they want, they look elsewhere. Gone are the days of loyalty due...