The pandemic has created a perfect environment for cybercriminals to flourish, with more employees forced to work from remote unsecured networks access points, cybercriminals getting smarter, and more accessible and flexible payment channels for them to be compensated than ever before.
Last week, the World Economic Forum pointed to cyber attacks as one of the biggest risks facing businesses today, with as many as six attacks taking place for every minute in 2021.
“Because of the pandemic, people are pushing more inter-company applications to become externally accessible via the internet through supposed secure VPN connections. This presents a growing number of potential access points to your corporate or production network,” said Peter Williams, managing director of Asia at Continent 8 Technologies.
“Now you have remote workers, remote offices, and external clients and partners all of which are accessing your corporate data over the internet,” giving more points of weakness within an organization for tech-savvy criminals to leverage.
“They’re also becoming more sophisticated,” said Williams. “Phishing, ransomware, and malware as examples are major risks for companies who believe they are protected until they have been compromised. A day does not go by when you cannot read about companies hacked and undermined. In many cases, the losses can be catastrophic and unrecoverable.
Just last week, Australia’s scam watchdog Scamwatch warned they had received reports of SMS messages claiming vaccine recipients could get a payment after being vaccinated – cleverly disguising itself to look like an official message from the Australian Department of Health.
If an unsuspecting person were to click the link within the SMS, the website would covertly install malware in the person’s device potentially allowing the hacker to retrieve sensitive data, such as passwords, bank account details, and contact information.
“If you don’t have endpoint detection software, properly monitored and managed by someone who knows what they’re doing on every device, then you’re going to be susceptible to that,” said Williams.
Continent 8 focuses on protecting the online gambling industry from all possible variants of cyber-attacks. They can range from the pure volumetric-based attacks designed to overwhelm your resources, or even more dangerously clever and targeted application attacks and data breaches. Some can create temporary and costly interruptions, others can be unrecoverable such as data breaches.
In the online gaming industry – which garners little to no loyalty amongst players, this is akin to a death sentence, says Williams. Punters met with a downed website would move to alternative websites, potentially never to return.
Like in other industries, it’s an issue that has become more problematic over the course of 2021.
Continent 8 last week reported a record quarter of Distributed Denial of Service (DDoS) attacks amongst its clients in 3Q21 – reaching 546 attacks compared to just 240 from the previous quarter.
“Our latest statistics align with wider trends that show a steep rise in the number of cyberattacks being launched against businesses and organizations around the world, with DDoS and Ransomware the most prevalent methods of attack,” said the company in a statement.
According to Gartner Research, the average cost of downtime for a small-to-medium business is around $5,600 per minute. For larger businesses, each attack causes on average around $2.5 million in lost revenue.
This is multiplied in the case of data breaches (such as malware or ransomware), where costs to businesses can be in the tens of millions depending on the company, said Williams.
Williams also notes that the rise in cryptocurrency has also played a catalytic role in the growth of cybercrime.
“From a ransom perspective. It’s getting easier to get paid money – i.e. through crypto, bitcoin, etc. In the past, there used to be a bank account, but now it’s getting more and more difficult [to trace them].”
“The message to any concerned companies who have not already engaged with a trusted security services company is to place this risk as a priority, and ensure your business is protected. If you are in any way unsure or concerned it should become one of the highest priorities. The stability of your company can be destroyed with just one incident as has been witnessed so many times in recent months and years,” William concludes.