Modern Modem Mobsters are Costing the World a Fortune

CybersecurityThe internet has come a long way since the good old days of dial-up. It was slow but relatively safe. What started as the shared domain of government agencies and universities has morphed into an all-encompassing phenomenon — and a virtual playground for cybercriminals.

Even in the least developed countries, 27 percent of the population has some access to the internet; in developed countries access is almost universal, and 90 percent of people are active internet users.

A growing data trove to plunder

Data continues to compound, necessitating new metrics: terabytes, petabytes, exabytes, zettabytes and yottabytes. The global web of connectivity touches on every aspect of modern life — and generates 2.5 quintillion bytes of data each day. (To put that in perspective, there are eight bits, the lowest unit of memory storage, in a byte. Most people measure their consumption in gigabytes: 1,000 megabytes or a billion bytes. A quintillion equals a million trillions.)

Information is power, and so much data is a potential trove to be plundered by anyone with a little tech savvy. Moral considerations don’t come into it.

Cybercrime history

The first computer “worm”, created by Bob Thomas in 1971, was pretty benign. It bounced between computers, infecting screens with the playful message: “I’m the creeper: catch me if you can.” The first Denial-of-Service (DoS) attack was launched by Robert Morris a decade later. To raise awareness of cybersecurity risks, he created a worm that slowed down the internet — with expensive results; estimates of the damage caused rise to $10m.

The earliest recorded ransomware attack happened soon after. Joseph Popp created malware (malicious software) known as the AIDS Trojan. He mailed out more than 20,000 floppy disks claiming to contain information on AIDS research. But when researchers inserted the disks, the malware locked their files and demanded a $189 ransom be sent to a Panama PO Box. The attack was poorly designed and relatively easily reversed, but nonetheless, years of research was lost.

Ransomware and pay-outs skyrocketing

Over the years, attacks have gone from a trickle to a flood. Hackers have upped the ante. Paid ransoms quadrupled from 2019 to 2020, reaching a record $350m. Some believe that figure falls shy of the mark. Most organisations prefer not to publicise attacks for fear of negative press or lawsuits.

The World Economic Forum (WEF) warns that growing digital dependency has intensified cyberthreats — more so since the start of the pandemic. It reports a surge in malware and ransomware attacks, up 358 and 435 percent, respectively.

The WEF Global Risks Report 2022 explains how dependency on digital systems has altered society: “Over the last 18 months, industries have undergone rapid digitalisation, workers have shifted to remote working where possible, and platforms and devices facilitating this change have proliferated.

“At the same time, cybersecurity threats are outpacing societies’ ability to effectively prevent or respond to them. Lower barriers to entry for cyberthreat actors, more aggressive attack methods, a dearth of cybersecurity professionals and patchwork governance mechanisms are all aggravating the risk.”

Colonial Pipeline vs DarkSide Hackers

Colonial Pipeline, which supplies nearly half of consumer and airline fuel for the east coast of the US, suffered one of 2021’s biggest ransomware attacks. A hacker group known as DarkSide Hackers exploited an exposed employee password for a VPN (virtual private network) account. Colonial shut down the pipeline to prevent the infection from spreading, notified the appropriate government agencies, and brought in a specialist to investigate. The hackers got away with a $5m crypto payment before providing Colonial with the decryption key.

The FBI encourages organisations not to pay to avoid copycat attacks, and prevent the ransom being used for illicit activities. There’s no guarantee that the hackers will deliver on their promise, either. Of the 5,600 mid-sized organisations surveyed by cybersecurity specialist Sophos, 66 percent were hit by ransomware in the last year. Nearly half paid the ransom — but only four percent got everything back.

Ransomware-as-a-Service

Echoing the software-as-a-service (SaaS) model popularised by Adobe and Microsoft, hackers have begun to offer ransomware-as-a-service (RaaS). In 2020, two-thirds of ransomware attacks analysed by cybersecurity firm Group-IB used a RaaS model.

Cybersecurity consultant Jake Williams says that the rise in attacks comes with an increase in focus. Hackers develop ransomware programmes and set up online shops with customer service for the cybercriminals and their victims. It’s a smooth user experience, with plug-and-play RaaS options available in a one-click purchase and a help desk walking victims through the steps to convert money into cryptocurrency. Williams quipped: “I wish my internet service provider had customer service like these guys do.”

Crypto, Cybersecurity and Cybercrime

The Ransomware Task Force (RTF), powered by the Institute for Security and Technology, links the rise of cryptocurrencies with the explosion of ransomware. Crypto is the hackers’ preferred payment. Because of lax legislation, crypto markets have developed with little regard for due diligence or KYC (know-your-customer) standards. Practices like “chain-hopping” and “mixing services” help criminals obfuscate funds despite the safeguards of the blockchain. The RTF advocates for greater transparency, collaboration and regulatory consistency in crypto.

SMEs pay high costs as a prime cybercrime target

An IBM study has found that SMEs are the target of 62 percent of all cyberattacks, around 4,000 each day. The cost of a data breach hit a record high in 2021, with surveyed companies spending an average of $4.24m per incident. That’s a hefty expense for any big business, and for smaller players it can be the kiss of death. A study by the National Cyber Security Alliance found that 60 percent of SMEs go out of business within six months of a data breach. Despite those alarming figures, many SMEs have patchy — or even non-existent — IT protection plans.

“Higher data-breach costs are yet another added expense for businesses in the wake of rapid technology shifts during the pandemic,” said Chris McCurdy, the vice-president and general manager of IBM Security. “While (those costs) reached a record high over the past year, the report also showed positive signs about the impact of modern security tactics, such as AI, automation and the adoption of a zero-trust approach — which may pay-off in reducing the cost of these incidents further down the line.”

Cybercrime threatens national security and public health

According to the RTF, ransomware poses significate risks to national security. It threatens critical infrastructure and endangers public health. It can take cities by siege, shutting down municipal services and diverting vital public resources. The City of Atlanta paid a $50,000 Bitcoin ransom in 2018 — but estimated the total cost to exceed $2.6m. The City of Baltimore refused to pay the ransom in a 2019 attack, but it took weeks — and more than $18m — to restore the systems.

The healthcare industry has been under increasing threat from cybercriminals, second only to the SMEs. Hackers exploited vulnerabilities in the pandemic, hitting 560 hospitals, medical centres and healthcare facilities in the US in 2020. The University of Vermont Medical Centre (UVM) was forced to furlough employees and delay medical treatments in October 2020. The UVM president projected the cost of a full system recovery at $64m.

Cybersecurity preparation, practice and response

Jamil Farshchi, the chief information security officer of Equifax, stresses the importance of preparedness: “If organisations go through the steps and they practise with their board and executives, then when bad things happen … you’re able to lean in and solve them in a very rapid fashion.”

There are some basic protocols for all companies. All systems should be backed up at regular intervals on a virtual (cloud) and/or physical (USB drive) database. Software and hardware should be checked for updates; patches are released as new vulnerabilities are uncovered. Passwords should be unique to each user and site, not recycled across multiple pages and providers. Multifactor authentication and antivirus filters help to protect networks from external threats.

Comprehensive cybersecurity guidance could help employees to close any chinks in the company armour and present a unified, high-alert front. Companies could offer training to staff members with the interest and aptitude to level-up skills. This would allow companies to build a cybersecurity team from the ground up, with internal promotion programmes to develop skilled tech workers — currently in short supply.

The RTF laid out a framework to deter ransomware attacks and disrupt their “business models” to cut their profit margins — which are at 98 percent, according to some estimates. The RTF aims to help organisations prepare for, and respond to, ransomware attacks.

“There are only two types of companies,” according to Robert Mueller, the former director of the FBI and special counsel on Russian interference in the US election process. “Those that have been hacked and those that will be hacked.”

According to a 2022 report by Grand View Research, global cybersecurity services will be worth $192.7bn by 2028 — and $500.7bn by 2030. It’s time to find a competent partner to help implement, practise, and maintain a good defence strategy.


You may have an interest in also reading…

Asia Pacific’s Innovation Boom: Technological Titans are Emerging

Go east, young entrepreneur… The Asia Pacific region is a driving force in global innovation. Comprising a mix of established

UN Chief: Countries Bound for COP27 Must Make Climate Action ‘The Top Global Priority’

As government representatives begin the finalize the agenda for the COP27 climate change conference in Egypt next month, for pre-COP planning in

The Long-term Growth of Sustainable Investing

In April 2013, the concrete roof of a dilapidated factory in a densely populated district of Dhaka, Bangladesh, housing thousands