‘Why cybercrime is at all-time high’
The last six months have seen a surge in the activities of cybercriminals, with various attacks unleashed on organisations and businesses in Nigeria and other parts of the globe.
The attacks range from malware and trojans to ransomware among others. This has caused businesses and organisations to lose millions of dollars, though underreported. Julia Carvalho, General Manager in charge of Africa Growth Markets, IBM, spoke with ADEYEMI ADEPETUN, on why cybercrime is at an all-time high and not abating despite efforts to address the menace.
Cyberattacks in Nigeria and across the globe are on the rise. What factors are fueling it?
Over the past couple of years, cyberattacks evolved as threat actors sought to profit from the unprecedented socioeconomic, business and political challenges brought on by the COVID-19 pandemic.
This past year, attackers have pivoted their attacks to businesses for which global COVID-19 response efforts heavily relied, such as hospitals, medical and pharmaceutical manufacturers, as well as energy companies powering the COVID-19 supply chain.
As organisations in Nigeria and across the globe, are faced with a growing remote workforce, which results in sensitive data moving across less controlled environments making it more vulnerable to a data breach.
The changes brought on by COVID have seen businesses forced to quickly adapt their technology approaches this past year, with many companies encouraging or requiring employees to work from home, and 60 per cent of organisations moving further into cloud-based activities during the pandemic.
The findings in IBM’s 2021 Cost of a Data Breach Report shed more light on this – revealing that security may have lagged behind these rapid IT changes, hindering organisations’ ability to respond to data breaches.
These attacks are diverse from malware to ransomware to trojan among others. From insights, which of these have remained most ferocious and made organisations more vulnerable?
Across the continent, we’ve seen ransomware and server access attacks grow to be the top attack types in the past year. Cybercriminals continue to exploit vulnerabilities and according to the IBM X-Force Threat Intelligence Index, this led to 50 per cent of the incidents X-Force remediated in the Middle East and Africa where the initial infection vector was known. Phishing and malware continue to be relentless threats, leveraged by cybercriminals.
Stolen credentials and phishing were also frequently used. We’re also seeing finance and insurance organisations under attack, with these industries making up 48 per cent of all attacks. This signals a potential shift from nation-state-sponsored energy-focused attacks in the Middle East and Africa region to cybercriminal attacks focused on financial organisations. As part of this trend, we also saw healthcare organizations make up another 15 per cent of attacks, and energy organisations are associated with 10 per cent of attacks.
We also saw that, when it came to the average data breach, compromised business emails were the most common method of attack breaches. Malicious insider attacks, social engineering and vulnerabilities in third-party software were also identified as the primary initial attack method for data breaches, costing organisations millions on average.
Overall, these trends increase the need to safeguard sensitive data at rest and in transit. Organisations need to double down on protecting their most valuable data – whether it’s customer, employee or company information – and ensure they have advanced security processes, like automation and formal incident response teams, in place.
Which part of the globe are these attacks coming from?
Cybercriminals are targeting all regions across the globe.
Interestingly, the Middle East and Africa is the fourth most attacked region in the world, with 14 per cent of attacks of global attacks in 2021 coming from this region – up significantly from eight per cent in 2020. This is according to the 2022 IBM Security X-Force Threat Intelligence Index, which also revealed that South Africa, Saudi Arabia and the United Arab Emirates are the countries most under attack
What role has COVID-19 played in cybercrime attacks?
The growth of remote work has had a significant impact on cyberattacks. As over 88 per cent of organisations, globally, required or encouraged employees to work from home, this has resulted in a greater attack surface, an increase in targeted malware, a rise in spam volumes and made corporate networks vulnerable through work-from-home employees.
With society leaning more heavily on digital interactions during the pandemic, more companies embraced remote work and the cloud as they shifted to accommodate this increasingly online world. The rapid shift to remote operations during the pandemic increased the average time to detect and contain data breaches. On average, globally, it took 214 days to identify data breaches and 52 days to contain them in organisations with more than 50 per cent remote work adoption.
In response, security teams have had to respond to the changing threats and remain vigilant against COVID-19 threats. There has been a greater focus on helping to secure remote workforces along with critical applications and systems.
Attacks target information and financial gains. How much is the Nigerian economy and businesses lost or have lost in the last year?
Nigeria, much like most countries across the globe, is losing millions every year as a result of cyberattacks.
Cybercrime is at an all-time high and there is a strong focus on security and privacy – particularly where critical workloads reside and scrutinising who and what has access to them.
Nigerian organisations have noted that infrastructure complexity is creating cracked doors that cybercriminals are exploiting. As the hybrid cloud approach has taken hold as organisations focus on the successful execution of digital initiatives, organisations are focused on data security. Over 80 per cent of companies are prioritising data security – noting that it needs to be embedded throughout their cloud architecture for the successful implementation of digital initiatives.
How effective has the Nigeria Cybercrime Law 2015 been?
We believe that regulations that require businesses to implement technical and organisational measures to protect the personal data they hold and to report security incidents in a timely fashion require technologies designed to meet varying compliance and regulatory requirements.
Companies studied show a need for platforms that help them address regulatory obligations, automation and orchestration to streamline their incident response and breach notification timeline. Additionally, managed security services and incident response expertise is essential in ensuring companies evaluate their security posture and implement the right training, policies, and tools to protect personal data and improve their incident response efforts in the event of an attack.
From IBM’s perspective, how can organisations, even countries protect themselves against data breaches?
While certain IT shifts during the pandemic increased data breach costs, organisations that said they did not implement any digital transformation projects to modernise their business operations during the pandemic incurred higher data breach costs. The cost of a breach was higher than average at organisations that had not undergone any digital transformation due to COVID-19 in comparison to those at a mature stage.
Companies that adopted a zero-trust security approach were better positioned to deal with data breaches. Organisations with a mature zero trust strategy, lowered the average cost of their data breach by millions- and those who had not deployed this approach at all suffered losses that cost millions more.
The adoption of AI, encryption, incident response testing and cyber resilience were the top mitigating factors shown to reduce the cost of a breach, saving companies millions. Investments in incident response teams and plans also reduced data breach costs. Companies with an incident response team that also tested their incident response plan, managed to save millions in the case of a data breach.
Can we know what this zero-trust security strategy is all about?
A zero-trust approach to security operates on the assumption that user identities or the network itself may already be compromised and instead relies on AI and analytics to continuously validate connections between users, data and resources.
For security professionals, zero trust is a framework for modernizing their overall security programs and helps them adapt to the risks emerging from their changing business environment. Embracing a zero-trust architecture enables organisations to add new capabilities and strengthen security.
IBM Security has also built a zero-trust blueprint which offers a framework for building a security program designed by applying the core principles of zero trust: least privilege access; never trust, always verify; and assume breach. These blueprints can offer companies a prescriptive roadmap of security capabilities along with guidance on how to integrate them as part of a zero-trust architecture. The capability and guidance for these blueprints were developed from real customer engagements to help organizations plan their zero trust journey and investments with a pragmatic approach that better aligns security and business objectives.
Get the latest news delivered straight to your inbox every day of the week. Stay informed with the Guardian’s leading coverage of Nigerian and world news, business, technology and sports.
0 Comments
We will review and take appropriate action.