Nation-state cyberattack tools are entering the black market, with a rise in ransomware as a service

Cyberattacks are on the rise around the world, accelerating further after the pandemic forced the world into a remote workforce and digitized ecosystem. In India, cyberattacks have doubled in the past three years, according to University of Surrey Researchbusinesses being the most common target of these attacks.

Air India suffered a devastating cyberattack in February, with 4.5 million customers whose data was compromised, prompting the company to encourage all customers to change their passwords. In January, Indian payment provider Juspay suffered a data breach, with 35 million customers see their data, including card information and fingerprint scans, posted on the dark web for anyone to buy.

India has been ranked in the top 3 most attacked companies for years, according to our very own Cyber ​​Readiness Report 2020/2021. With 1.15 billion phones and 700 million internet users, India exposes a large vulnerable user base and plenty of surfaces for cyberattacks to take off.

Unsplash/representative image

One of the best-known cyberattacks was the WannaCry attack, a global ransomware cyberattack that occurred in May 2017 using the WannaCry cryptoworm. This attack targeted computers running Microsoft Windows, encrypting data and extorting money from victims with ransom threats. This attack used the EternalBlue exploit to access it, an exploit developed by the US National Security Agency (NSA) and leaked by a group of hackers called Shadow Brokers, a name referring to a character from the game series. video. Mass Effect. May’s SolarWinds supply chain attack was also launched by nation-state attackers, with threat actors gaining access to Orion users’ networks with a hidden Trojan in updates software.

So why should businesses care about ransomware attacks, especially when most attacks seem to target the public sector? Simply because, while attacks on the public sector get wide coverage and attention, the truth is that there are many more attacks on SMBs – the successful ones, but the ones- they just aren’t as visible, so they don’t make the headlines. Research shows that small businesses are a ripe target for attackers – with 71% of ransomware attacks occurring on small businesses. Attackers ultimately do not discriminate who they are attacking, with all targets being a potential asset and source of revenue, regardless of scale. Companies also store large amounts of sensitive and personal data about customers and employees, which is potentially useful information for any attacker looking to target future targets.

sleazy hacker
Unsplash/representative image

Ransomware as a Service (RaaS) groups are coordinating supply chain attacks, with Maze RaaS operators using data extortion as a tactic to pressure their victims into paying ransoms, reporting an estimated $75 million dollars to their victims, according to a report by the security firm Analyste1. Not only do these attacks directly harm victims, but they also inspire tactics for fringe cyberterrorist groups to deploy in future attacks. Research and advisory firm Gartner, Inc predicts that in 2024 cyberattacks will be so damaging to critical infrastructure that a member of the G20 could retaliate with an overt physical attack.

Cyberattacks don’t just target businesses for financial gain, there are a myriad of different motives behind cyberattacks, each as troubling as the next. Attacks on nation states can be launched for the purpose of obtaining tactical espionage and military information, for example. Cyberattacks are also used with the aim of spreading misinformation and influencing public opinion or government decisions.. This means that cyberattacks aren’t always high tech and don’t use state-of-the-art technology, but can be as simple as posting misinformation on social media and using social engineering to spread the wrong direction. as much as possible, up to the reach of the Indian public.

In the summer of 2010, a computer worm named Stuxnet struck, destroying 2,000 centrifuges at an Iranian nuclear facility and crippling the entire plant. This worm had been in development since at least 2005 and was the first time malware was documented to spy on and corrupt enterprise systems. India was tougher than most countries, with a Stuxnet study composed by Symantec reporting that India hosted more than 8% of computers infected with the worm.

laptop with pirate flag
Unsplash/representative image

This begs the question: what should companies do? No business is secure, regardless of size, so it’s a problem that haunts all internet-connected business owners. Hiring professionals is one of the most proven ways to mitigate attacks and reduce any destruction caused by potential cyberattacks. Professionals can be anything from full-time cybersecurity experts to penetration testers and ethical hackers to part-time security consultants.

Yet there are steps that every business owner and even the general public can take to reduce the risk of cyberattacks and any potential harm. Using virtual private networks (VPNs) to secure data, for example, is a step anyone can take, from businesses to personal devices. Multi-factor authorization, which requires any password-secured login to be validated with a secondary device, is another important implementation that could prevent potential phishing and account compromise.

Gartner predicts that organizations’ adoption of a cybersecurity mesh architecture will reduce the financial impact of security incidents by an average of 90% by 2024. Mesh architecture requires organizations to put in place perimeter security around every user and endpoint, with Gartner predicting that the cybersecurity mesh will “support more than half of all IAM requests, enabling a more explicit, mobile, and adoptive unified access management model.” 2025.

Decrypting and encrypting all traffic, as well as deploying data loss prevention tools and intrusion prevention systems can also block businesses from potential attacks. Zero-Trust security measures, which require all users, even those with high permissions and merits, to be periodically and consistently authenticated, are also a recommended approach to mitigate security risks and prevent cyberattacks. internal.

Training employees in basic cybersecurity measures can also significantly reduce instances of cyberattacks and the amount of compromised data.. A famous example of preparing employees to save a business is the story of Rick Rescorla, during the infamous 9/11 attacks in New York in 2001. As chief security officer of Morgan Stanley Financial Services, located in the World Trade Center, it began security assessments and preparations for a potential air attack as early as 1990. It successfully evacuated over 2,700 Morgan Stanleys from the South Tower shortly after the North Tower was hit.

Unsplash/representative image

Employee training is all about teaching your employees to recognize phishing attacks, create strong passwords, and be careful about what data they entrust to whom. Especially with the pandemic encouraging a surge in remote working, cybersecurity training for employees is more important than ever. Cybersecurity experts are available for hire to train employees, with annual refresher courses encouraged as the cyberattack landscape is constantly changing. Conducting drills is also another way to keep employees alert, fake phishing attempts or fake social engineering attacks being a few examples. It is in your interest to prioritize:

1) Regular cybersecurity and password trainings for all your employees, especially those working remotely.

2) Vulnerability assessments and patch management

3) Zero trust approach for all users

4) Adopt a mesh architecture

5) Threat-agnostic anti-malware capabilities

Cyberattacks on nation states are on the rise, and delaying the implementation of cybersecurity protocols only invites inevitable attacks. It’s time for all businesses around the world to get serious about cybersecurity and prepare for the worst, and there are resources available for everyone, so no more excuses – protect yourself!

About the Author: Stas Protassov, co-founder of Acronis and president of technology. The opinions expressed here belong solely to the author.

For more interesting science and technology news and information, keep reading!

Comments are closed.