Cyber criminals are reaping in illicit money by increasing lockdown and ransomware attacks as businesses changed the way people work remotely as a result of the pandemic, says a cybersecurity expert.
Speaking at the ASEAN Gaming Summit, Craig Lusher, senior product specialist from network solutions provider Continent 8, pointed out that before 2018 it took cyber criminals 10 hours to hack into a network/ system (breakout time), but now it takes less than an hour and a half.
“The money they made they re-invested it into their own technology and organization to rapidly reduce the breakout time to what it is today”, mentioned Craig Lusher.
“Internal IT and security teams take, on average, seven days to discover and remediate a security breach (if they can). This gives the attackers seven days to play inside systems, move data or infiltrate further”, he notes.
Access brokers gain access to target systems and, instead of stealing data themselves, they sell on that access to a third party, notes the expert.
“The access broker market is currently worth estimated $8.3 billion and is expected to rise to $28.48 billion by the end of the decade, [according to the Research and Markets – the cloud access security brokers report],” notes Lusher.
The expert notes that while cybersecurity is not a new issue, the threats are obviously rising and come in different forms.
“It takes on average 250 days for the company to realize that invalid credentials are in use. [Hackers] can cause a lot of damage in that time”, said Lusher.
“In fact, there is a huge rise is cloud breaches as attackers setup shadow cloud infrastructure and servers and move data around without the victim knowing. Attacks on clouds were up 288 percent in 2022 according to McAfee”, he notes.
Regarding the future of cyber security, Craig noted that the “breakout time will reduce further as ‘Auto-hacking’ AI tools scan websites/systems for vulnerabilities and automatically break in, trying different techniques to access without human interaction. More targets can be hit at the same time”.
“Using Chat GPT and simulated AI technology, an attacker can launch extremely convincing phishing attacks and social engineering”, he added.
Continent 8 is a collaborator of some of the biggest brands in online gaming, as well as companies in the finance, payment processing, and public services industries.