Ransomware up nearly 2,000% in two years as cyber mafia hit business

Cyber attacks on businesses in 2017 grew in frequency, sophistication and malice – a report on the new age of organised cyber crime finds.

Cyber attacks on businesses in 2017 grew in frequency, sophistication and malice - a report on the new age of organised cyber crime finds.

The new generation of cyber criminals increasingly resembles traditional mafia organisations, requiring a new approach to dealing with it, according to a report by security firm Malwarebytes.

Cyber criminals have the same professional organisation as mafia gangs of the 1930s, but they also share a willingness to intimidate and paralyse victims, the report shows.

Malwarebytes’ analysis also shows that, in spite of acknowledging the severe reputational and financial risks of cyber crime, many business leaders greatly underestimate their vulnerability to such attacks.

The report calls for businesses and consumers to fight back by acting as “vigilantes” through greater collective awareness, knowledge sharing and proactive defenses. This includes a shift from shaming businesses that have been hacked to engaging with them and working together to fix the problem.

Businesses must also heighten their awareness of cyber crime, and take a realistic view towards the likelihood of attack.

The vast impacts of these attacks, the report said, mean that cyber crime must be elevated from a tech issue to a business-critical consideration.

Malwarebytes’ data demonstrates the urgent need for such a shift in approach by highlighting the capacity of these fast-maturing gangs to inflict greater damage on businesses.

The new cyber mafia, the report said, is accelerating the volume of attacks, with the average monthly volume of attacks in 2017, up 23% compared with 2016. In the UK, the report said 28% of businesses had experienced a “serious” cyber attack in the past 12 months.

Ransomware attacks detected by Malwarebytes show that the number of attacks in 2017 from January to October was 62% greater than the total for 2016.

In addition, detections are up 1,989% since 2015, reaching hundreds of thousands of detections in September 2017, compared with fewer than 16,000 in September 2015. In 2017, ransomware detections rose from 90,351 in January to 333,871 in October.

“The new mafia, identified by our report, is characterised by the emergence of four distinct groups of cyber criminals: traditional gangs, state-sponsored attackers, ideological hackers and hackers-for-hire,” said Marcin Kleczynski, CEO of Malwarebytes.

Malwarebytes argues that the growth of cyber crime and a lack of clarity over how best to police it is damaging victim confidence, with those affected by cyber crime often too embarrassed to speak out.

This is true for consumers and businesses alike, the report said, and can have dangerous ramifications as firms bury their heads in the sand instead of working to reduce future incidents.

The report suggests that the answer lies in engaging and educating the C-suite so that CEOs are as likely as IT departments to recognise the signs of an attack and be able to respond appropriately.

“CEOs will soon have little choice but to elevate cyber crime from a technology issue to a business-critical consideration,” he said.

“Rather than sit back and minimise the blow from cyber crime, individuals and businesses must take the same actions that previous generations of vigilantes once did against the fearsome syndicates of their day: fight back,” the report said.

So if you want to save yourself stress, money and a damaged reputation from a data incident with affordable, live systems protection please ring us now on 01242 521967 or email [email protected] or complete the form on our contact page NOWContact Cyber 139

Small businesses cyber success is balance of user experience, privacy and security

Small businesses need to balance user experience, privacy and security to achieve overall cyber success.

Small businesses need to balance user experience, privacy and security to achieve overall cyber success.

A change in approach will help businesses achieve the right balance between user experience, privacy and security more easily, says Martin Kuppinger, principal analyst at KuppingerCole.

“Most businesses are making the fundamental mistake of thinking inside-out, but by thinking outside-in, they will automatically put the consumer first,” he told Consumer Identity World Europe 2017 in Paris.

This means instead of thinking about what suits the business, the business looks at what will best suit its customers, what works best for customers and taking customer preferences into account.

“Most businesses need to switch from the approach where they are telling consumers what they want them to do, to making it clear they are willing to do things the way the consumer wants,” said Kuppinger.

“We do what you want, needs to be the message, because this is the best way to ensure that consumers will want to do the most with them,” he said.

In the light of the European Union’s (EU’s) General Data Protection Regulation (GDPR), Kuppinger said it is now even more important to get the balance right.

From a consumer perspective, this means ensuring that services and interactions with suppliers need to be simple, and as frictionless and transparent as possible.

“Aside from GDPR requirements, consumers are generally more willing to share data if the reward is clear and they know that organisations use their data only for the purpose it was originally collected for,” said Kuppinger.

From a business perspective, it is therefore important to ensure that there is a standard approach to customer data throughout the organisation and that personal data is collected only when necessary.

“They need to be clear about what they are collecting, what purpose they are collecting the data, and they must provide processes for consumers to withdraw consent if they wish.”

However, done correctly, collecting and managing consumer information can improve the customer experience, said John Tolbert, lead analyst at KuppingerCole.

“Consumer identity management can also enable new business models, such as freemium models where basic services are provided free with the option of upgrading to paid services or shared revenue models,” he said.

Tolbert also emphasised the importance of making it clear to consumers what they will get in exchange for agreeing to allow businesses to collect and user their data.

“Again, getting the balance right is important because the more data you collect the more friction you add, so collect just enough information to be useful to keep friction to a minimum,” he said.

Tolbert said it is always important to be explicit about information is being collected, collect only what is necessary, and reduce friction by avoiding pop-ups that continually ask for more data.

“Fine-tune how you interrupt visitors to your site, be conservative in the information you collect and always ensure you have good consent management processes to collect and store consent,” he said.

So if you want to save yourself stress, money and a damaged reputation from a data incident with affordable, live systems protection please ring us now on 01242 521967 or email [email protected] or complete the form on our contact page NOWContact Cyber 139