As cyber-attacks become more vicious, more extensively planned and ingeniously hidden, most security experts agree there is no “one-size-fits-all” solution for dealing with the menace. With global outlay on informatics security solutions increasing, Romanian companies are waking up to the looming threat and spending more money on protection.
Companies worldwide will spend USD 100 billion over the next ten years on security solutions, which amounts to an annual growth rate of 10-15 percent, against the current level of USD 65 billion, Liviu Arsene, senior eThreat analyst at Bitdefender, tells BR, quoting recent studies in this field.
“The average cost of a security breach for companies increased by 23 percent in 2014 on the previous year, to USD 3.8 million. Companies have all the arguments in favor of allocating budgets to highly efficient security solutions which should ensure the protection of crucial data for the evolution and sustainability of the business,” Arsene comments.
While in the past, hackers were more interested in proving their mastery at writing a virus, now they have changed their priorities and are trying to make as much money as possible, he explains.
“A fully-fledged cybercrime market has taken shape, where anyone can go in and bid for a special virus tailor-made for a certain occasion and pay a developer for that product. There are tailor-made solutions for any type of attacks, and sometimes even support services are provided, like for any legal software solution. Anyone, even someone lacking the programming skills, can commission the creation of a virus and get a phone number, which they can call for support if they do not know to use the delivered application,” Arsene tells BR.
The number of cyber-threats has hiked so much that nearly no company, however large or small, is immune, Laszlo Gyorgy, territory manager for Hungary and Romania at Mitech Systems, the official representative for Symantec products and services, tells BR.
He says that five out of every six large firms with more than 2,500 employees were the targets of spear phishing attacks in 2014, up by 40 percent on the previous year.
Small and medium-sized businesses also saw a rise in cyber-attacks, which climbed by 26 percent and 30 percent, respectively, says the official.
“Companies that have experienced a data breach in the past have had to fight the loss of trust in their brand. This damage is hard to quantify. Depending on the regulations, the companies might get fined and need to inform all clients of the breach. Unfortunately, there are still many companies that do not plan for a breach, as they think it will never happen to them,” Gyorgy comments.
The number of ransomware attacks surged by 113 percent in 2014, driven by a more than 4,000 percent increase in crypto-ransomware attacks, according to Gyorgy.
“While most people associate ‘extortion’ with Hollywood films and mafia bosses, cybercriminals have used ransomware to turn it into a profitable enterprise, attacking big and small targets alike. Instead of pretending to be law enforcement seeking a fine for stolen content, as we’ve seen with traditional ransomware, crypto-ransomware holds a victim’s files, photos and other digital media hostage without masking the attacker’s intention. The victim will be offered a key to decrypt their files, but only after paying a ransom – and there’s no guarantee their files will be freed,” he says.
Crypto-ransomware attacks are as the fastest-growing in this category of cyber-threats. While in 2013, crypto-ransomware comprised a negligible share of all ransomware attacks, representing just 1 in 500 instances, by 2014, the number of crypto-ransomware attacks had gone up 45 times.
“Email remains a significant attack vector for cybercriminals, but there is a clear movement toward social media platforms. In 2014, Symantec observed that 70 percent of social media scams were manually shared. These scams spread rapidly and are lucrative for cybercriminals because people are more likely to click on something posted by a friend,” Gyorgy tells BR.
Romania is starting to feel the sting as well. Statistics published by Kaspersky Lab have shown that in the first half of 2014 Romania saw a hike in the number of local cyber-threats. Almost 2.7 million incidents were detected on the computers of participants in the Kaspersky Security Network, compared to just over 2.0 million posted in the same period of the previous year.
On the other hand, the number of web threats went down nearly three times. Romania suffered just over 1.3 million web threats in the first half of 2014, down from over 3.2 million in the first half of 2013. However, Romania was still among the top 15 countries for the number of dangerous local websites.
Approximately 32 percent of Romanian users were confronted by local threats in the first half of 2014 – malware distributed via local networks, USBs, CDs and DVDs – which marked a 2.3 percent growth compared to the same period of 2013.
This placed Romania 136th worldwide, alongside countries like Germany and Italy, where 32.9 percent of users were affected by cyber-threats.
By contrast, 9.2 percent fewer Romanians were affected by web threats in 2014 than in 2013, representing 24.9 percent of the total number of users. This put Romania 76th worldwide for the dangers associated with surfing the internet.
Romania therefore fared better than Sweden and Ireland, which posted 25.9 percent and 25.2 percent respectively, but worse than Hungary and Slovakia, which saw just 22.9 percent and 22.8 percent of their users facing web threats.
“Romanian companies are exposed to a wide range of informatic threats, comparable to other countries in Central and Eastern Europe. (…) While not long ago the attacks were general and random, now a company is observed in detail, the weak links are identified and the attacks are carried out on the long term and are hard to detect. Such an attack can take place over months, and the damages incurred can be great. The most frequent attacks are those that aim to steal data, affect a company’s image or take various forms of blackmail,” Adrian Danciu, Fortinet regional director, tells BR.
He adds, however, that Romanian companies have nevertheless started to make visible progress in preventing cyber-attacks, especially thanks to the legislation, which is aligned to the current standards and geopolitical situation. “However, compared to the United States or Western Europe, IT security budgets in Romania are moderate,” Danciu points out.
Pundits canvassed by BR seem to agree that the fight against cybercrime needs to change strategy. Experts are warning that traditional tactics are failing.
“The old methods of adding another point product to the mix or waiting for IT to identify and propose technological solutions to the business side of the house are less effective than ever. No organization can simultaneously sift through alerts, track vulnerabilities, apply security policies across various systems and endpoints and accurately assess what a mass of global threat data actually reveals in real time. To manage these competing challenges, organizations must change their security posture from a defensive stance focused on malware to a more realistic and resilient approach – the cyber-resilient approach. Cyber resilience is about managing security with a multi-layered approach that encompasses people, processes and technology,” Gyorgy concludes.
How individual users can protect themselves from cyber-attacks
• Use a security solution, update it constantly and allow it to scan frequently
• Make security updates to your operating system and applications
• Avoid pages with dangerous content and links and files from unsafe sources
• Use a firewall to reduce the infected spam that reaches the inbox and do not open attachments from unknown sources
• Back up your data either in the cloud or on an external device
• Use strong and unique passwords for your accounts and devices, and update them ideally every three months. Never use the same password for multiple accounts
• Don’t click links in unsolicited email or social media messages, particularly from unknown sources
• When installing a network-connected device, review the permissions to see what data you’re giving up. Disable remote access when not needed
• Avoid spam and phishing
• Use antivirus and antispyware apps on all devices – computer, phone, tablet
• Don’t use pirated applications and pay attention what you install on your device
How companies can protect themselves from cyber-attacks
• Become aware of the risks by conducting a professional security audit
• Acquire unified security solutions, implement them correctly and update them regularly
• Implement multi-layered endpoint security, network security, encryption, strong authentication and reputation-based technologies
• Partner with a managed security service provider to extend your IT team
• Monitor and restrict access to critical and sensitive information so that only users who need to access that information are allowed to do so
• Supervise all devices connecting to the company network so that all terminals that do not comply with the company’s security policy have special access and functioning status
• Train the staff to recognize phishing, spear-phishing and other types of online threats. The user is always the weakest link in the security chain
• Have an emergency plan in case of an attack or security breach in the system
*Information provided by the quoted cyber-security experts