CYBERSECURITYAs Cybercrime Evolves, Organizational Resilience Demands a Mindset Shift
Facing the threat of state-sponsored cyberattack groups, the financial motivations of organized cybercrime gangs and the reckless ambitions of loosely knit hacktivist collectives, organizations are fighting a cybersecurity battle on multiple fronts.
Facing the threat of state-sponsored cyberattack groups, the financial motivations of organized cybercrime gangs and the reckless ambitions of loosely knit hacktivist collectives, Australian organizations are fighting a cybersecurity battle on multiple fronts.
While an attacker’s goals can be amorphous and hard to define, the tools, tactics and procedures deployed against private and public organizations are constantly evolving.
Nowhere is this more apparent than in malicious emails. A tell-tale giveaway used to be poorly written and grammatically incorrect correspondence urging the user to click a link or open an attachment. With the advent and large-scale adoption of generative artificial intelligence platforms such as ChatGPT and Bard, the malicious is getting harder to distinguish from the mundane.
As AI-enhanced attackers continue to target Australian organizations, is it possible to be completely secure?
No, it’s not.
Short of taking your operations entirely offline, no silver bullet, no enchanted widget, no magic bean will stop all cyberattacks.
Although it’s impossible to completely inoculate your organization from cyberattacks, it’s entirely possible to limit the impact of the inevitable breach.
With attackers honing their craft to inflict maximum damage, businesses need to build resilience to ensure that an attack is a relatively minor inconvenience rather than a catastrophic incident.
It’s clear the stakes are high. A recent ransomware attack took an Australian financial services firm offline for five weeks. The cost of this downtime and remediation has been forecast to reach $95 million to $105 million.
While threats range from compromising business email and man-in-the-middle interventions to distributed denial-of-service (DDoS) attacks and zero-day exploits, attackers appear to favor ransomware—the Swiss army knife of attacks. Not only can denying an organization its data further political, financial or activist aims, but ransomware-as-a-service operations significantly lower the barriers to entry for cybercriminals.
In its purest form, a ransomware attack seeks to make critical data unavailable to the victim. This is traditionally achieved by encrypting the data and demanding a ransom be paid to receive a decryption key. Unfortunately, even paying the demand is no guarantee. Recent Rubik research found that only 14% of Australian organizations that paid the ransom were able to recover all their data.
Governments and law enforcement agencies around the world are increasingly urging organizations not to pay ransom, and organizations have improved their use of backup data to recover business operations.
