Cyberthreats in a Nutshell: You Are Not Prepared
Nowadays, it is almost impossible to think of a modern person who does not own a range of different gadgets. Businesses and individuals use numerous services to communicate and cooperate, and store and analyze data. The more we utilize (and enjoy) the benefits of the digital era, however, the more exposed our society is to cyberthreats. The annual damage to the global economy from cybercrimes in 2017 was almost USD 600 billion,a and cyberattacks are the reason for approximately five billion leaks occurring daily,b which may include individuals’ personal data, user credentials, credit cards, sensitive data related to corporate and governmental infrastructure, and corporate secrets. As such, the very pertinent issue of cybersecurity should be approached with thorough sobriety.
Today, every piece of data has value on the black market, as it can be used to the financial benefit of cybercriminal masterminds. Hackers’ major motivation is either money to be stolen or information that can later be sold or used for blackmailing. Marketplaces in the Darknet, an anonymous and encrypted internet, are extremely active; communities of cybercriminals involve millions of actors, with Russian-speaking cybercrime leading the pack. The internet has become an extremely aggressive area and one becomes a potential victim due to the simple fact that one is online.
Cybersecurity begins with understanding who threat actors are, what they do, what motivates them, and which tools they use. Recent ransomware epidemics and major breaches of international corporations prove that the approach of these institutions to security has been inadequate all along. A system administrator is not a cybersecurity officer, and firewalls and antivirus software are only one part of the whole picture; they are not enough. In the same manner that you involve lawyers to manage an M&A deal and tax consultants to arrange a proper corporate structure, it is equally important to entrust security issues to experts in the field.
According to global bank UBS, at least 15% of family offices globally experienced cyberattacks in 2016. Most high net worth individuals (HNWIs) and family offices need a cyber consigliere — a person or an authoritative cybersecurity company that understands what threats are uniquely relevant to an individual or business and which are the best methods for protection. At this stage, it is necessary to build the correct and safe infrastructure for the company/family office, to build interaction between employees and partners through encrypted channels.
For a business, most importantly, it is vital to establish a proper mindset and understanding among all staff members that cyberthreats are real and relevant. No matter how protected the infrastructure is, human beings are still the weakest link. Intrusions commonly involve social vectors and attacks on HNWIs begin with the closest circle: personal assistants, partners, advisors etc., as they all have access to sensitive data and information. Group-IB data reveals that about 80% of attacks begin with phishing: the attacker pre-selects the target and tries to gather as much information about the individual as possible in order to increase the likelihood of success. Clouds are another potential threat, especially iCloud or Google Accounts. By obtaining access, an intruder can make a copy of the smartphone/laptop/tablet along with all correspondence, notes that often contain PIN codes for bank cards, personal photos, and so on. This list is unique for everyone. After hackers obtain the information, they can blackmail you or sell the data to third parties such as rivals.
Even if you personally observe the rules of digital hygiene, employees and third parties tend to have access to sensitive information. So, should they fail to follow these basic rules of cybersecurity, it might lead to harmful circumstances. If an employee unknowingly opens a malicious phishing email, follows a fake link, or opens a malicious file masked as an invoice, it could result in a hacked mailbox and consequently compromised correspondence, contacts, passwords for different services, calendar, cloud storage, and other personal data.
This happened not long ago to a highly influential Russian businessman. A cyberattack on his personal assistant led to the leaking of an archive of mail correspondence for the past nine years. Data measuring 13 GB and consisting of over 10,000 letters containing confidential information related to the activities and assets of the business, as well as his partner’s business, became partially public. As if that wasn’t enough, the entire package was sold on the black market to an unknown party.
According to global bank UBS, at least 15% of family offices globally experienced cyberattacks in 2016
There are several methods aimed at preventing such situations. Group-IB recommends conducting special trainings for employees and raising the level of awareness about cyberthreats, cybersecurity, and digital hygiene. In addition, it is necessary to use early threat detection solutions for notification of security threats, malware, and breaches inside your network — in order to prevent intrusions, attacks, data leaks, and espionage — as well as threat intelligence solutions to discover threats and hacking activity early before they can harm you and your business.
Nevertheless, securing your castle is not enough. Similar to the Miranda warning: everything that you post can and will be used against you — even an inoffensive photo of a young girl with a yacht in the background (which went on to fuel a corruption scandal) or a photo of a private jet on a 10-year-old boy’s Instagram account (which allowed unsavory individuals to determine where his father had been for business negotiations). Businesspeople nowadays need to understand what information about themselves, their businesses, and movable and immovable property is available on the internet and the Darknet. It is also important to have an objective dossier on yourself based on open and semi-open sources and to understand what risks this exact information exposes. Losing control over this data can lead to financial and reputational damage.
As we continually move toward the era of the Internet of Things, we will progressively learn how to control toasters, vacuum cleaners, and yachts, even airplanes, remotely. In the case of yachts, for example, hackers are increasingly able to access navigation controls without leaving any traces, with the story of a Chinese businessman’s hacked vessel serving as just one illustration. Fortunately, an accident was avoided despite the yacht ceasing to respond to the captain’s commands. The alleged cause of the malfunction was the hacking of the yacht owner’s mobile device. The chief engineer noted that immediately after the phone appeared on board, the Wi-Fi disconnected, and the vessel’s control was restored only after removing the SIM card from the device.
Even if you build a cyber fortress around yourself and your personnel, it is also essential to take care of those who have authorized access to your sensitive information and data. This typically includes service providers such as legal, financial, insurance, and educational experts.
In the field of cybersecurity, it is also important to ensure that your business is protected against interrupted processes. Major recent ransomware attacks — such as WannaCry, NotPetya, and Bad Rabbit — not only caused financial damage but also suspended the operations of large international corporations. According to various estimates, the damage from just one WannaCry epidemic exceeded USD 1 billion. Maersk and FedEx each announced financial losses exceeding USD 300 million due to NotPetya.
The rapid development of information technologies expands the possibilities of humanity; at the same time, it exposes it to new risks. Every year, the risk of becoming a cybercrime victim grows, and it is necessary to prepare for any potential manifestations. Nowadays, cyber threats are among the top two corporate risks across all industries;c they are the leading key risk for the banking sector and capital markets.d
Despite the pervasiveness of these threats, society and business awareness about possible threats among individuals is critically low. It is necessary to understand that the world has changed. All information and finances are gradually moving online, to the internet. We observe that classical financial crime has shifted into cyberspace. Thus, the issue of cybersecurity should be taken seriously at each level: in the family, in businesses and NGOs, and by governments and society in general. It is easier to prevent a fire than to extinguish it.
a James Lewis, ‘Economic Impact of Cybercrime — No Slowing Down’ McAfee and the Center for Strategic and International Studies 2018
c Christina Hubmann, Heidi Polke-Markmann, Patrik Vanheyden, ‘Allianz Risk Barometer — Top Business Risks for 2018’ Allianz
d ‘Pulling Fraud out of the Shadows: Global Economic Crime and Fraud Survey 2018’ PwC