It’s been a banner year for digital disruption of the worst kind. Headlines have been dominated by WannaCry, Petya, Equifax, CIA Vault 7 and many other high-profile attacks, and an increasing number of incidents are targeting smaller organizations and institutions. Cyberattack volume doubled in the first half of 2017. It will only get worse as cyber criminals continue to probe for weak links in corporate security chains and become more creative and sophisticated in their strategies.
Cybercrime is the greatest threat to every company in the world, according to IBM CEO Ginni Rometty. While that sentiment may not be literally true, it’s not far off the mark. It’s becoming clear that security should be part of nearly all business and IT discussions. A slew of statistics shows why:
1. Ransomware costs jumped from $325 million to $5 billion in just two years.
Ransomware attacks are exploding. The cost of ransomware—malicious software that blocks access to a computer system until a sum of money is paid—will grow to $5 billion in 2017. That’s up from $325 million in 2015—a 15x increase in just two years. The most common targets by sector: business and professional services (28%), government agencies (19%), healthcare (15%) and retail (15%), with all other industries making up the remaining 23 percent.
2. 75% of cyberattacks target small and medium businesses.
SMBs are bigger targets than larger businesses because their security tends to be less sophisticated, making them easy prey. That’s why about 75 percent of attacks target smaller companies. And the threat is escalating fast, according to the SonicWall Annual Threat report.
3. 80% of users know of phishing risks; 56% click anyway.
Ransomware is most often delivered via a phishing email. Nearly 80 percent of people claim to be aware of the risks of unknown links in emails, yet 56 percent of them click on them. The main reason? Curiosity. Phishing is one of the biggest, if not the biggest, security threat to organizations of all sizes. Just one person clicking a fake email about banking or spyware can give a hacker direct access to all the data on their device and a direct path to your network. One particularly devious tactic: phishing emails often are spoofed to appear as if they come from the victim company’s IT department or an anti-virus vendor.
4. Hackers hide in networks an average 140 days before discovery.
The median number of days an attacker resides within a network before detection is 146 days, according to Microsoft. That’s five months to tinker around, find vulnerabilities and steal passwords, sensitive information and documents.
5. 160,000 Facebook accounts are compromised every day.
Social media profiles are valuable tools for companies to spread awareness, but they also are easily exploited by hackers. Some of the most popular types of attacks: phishing disguised as a trustworthy entity in a Facebook message or Tweet; like-jacking, where criminals post fake Facebook “like” buttons to webpages, causing users to click and download malware instead of “liking” a page; link-jacking, a practice used to redirect one website’s links to another which hackers use to redirect users to malware-infected websites that hide drive-by (unintended) downloads or other types of infections.
6. One in three security professionals doesn’t know if mobile malware has breached their network.
Security breaches using BYOD (bring your own device) and mobile devices are on the rise. One fifth of IT professionals surveyed by Crowd Research Partners experienced a breach through the use of BYOD or mobile devices. Even more alarmingly, about 35 percent of security professionals do not know if mobile malware is present on their network, and 37 percent aren’t sure if a breach has occurred.
7. 70% of millennials bring outside applications at work in violation of IT policies.
By 2020, millennials will make up nearly half of the global workforce. Some 60 percent of Millennials aren’t concerned about corporate security when they use personal apps instead of corporate-approved apps. 70 percent even admit to bringing outside apps into the enterprise in violation of IT policies, compared to just 31 percent of Baby Boomers. So while Millennials have a heightened focus on corporate social responsibility – an admirable trait – they also are more apt to break the rules. And that’s a challenge when it comes to cybersecurity.
The need to monitor, detect, remediate and report on both internal and external vulnerabilities is growing, especially for small- and medium-sized businesses. TPx has invested heavily in cybersecurity systems and solutions so affordable cybersecurity and business continuity services are within your grasp. Reach out to your TPx representative or call our security sales team at 888-407-9594 and we’ll show you how we can help you protect your company from these growing threats.
About the Author
Matt Mair is a Senior Product Marketing Manager for ITx Managed Services. His role includes marketing and communications for TPx’s suite of managed IT offerings including Managed SD-WAN, LAN Monitoring, Office 365, Workstation and Servers Management, Colocation and Server Backup solutions. Matt holds an MBA from Michigan State University’s Broad School of Business and resides in Los Angeles.