“Cyber-Security is much more than a matter of IT.”

The modern world is characterized by a continuous exchange of information. These issues apply to both interpersonal and business relationships. Cyber security has become more and more conscious as a result of the increasing flow of information generated by the current market situation.

Cybersecurity Awareness Month takes place in October 2023. Hence, I would like this article to be a kind of idea that each of us should have in our minds, no matter what our profession may be. Though it is only a few minutes long, I believe its purpose is to show the current cyber threats we face. Human error is the major failure point in cyber attacks, even if our data is protected by the military, behind a meter-high wall in an underground bunker.

"As cybersecurity leaders, we have to create our message of influence because security is a culture and you need the business to take place and be part of that security culture"

Inflation and recession have been looming over the past year at least. It's a delicate act to grow your business, and that's doubly true when it comes to getting your cybersecurity strategy right. It's no secret that cybercrime is on the rise.

A survey conducted by the UK Government revealed that more than a quarter of businesses had suffered cyberattacks within the last 12 months. Medium-sized businesses (59%) and large businesses (69%) suffered cyberattacks more frequently.

Based on several independent reports by organizations investigating the phenomenon of cybercrime and based on a study by the Department for Science, Innovation & Technology of the British Government, cyber security market trends has revealed the following:

• Cybersecurity Ventures expects global cybercrime costs to grow by 15 percent per year over the next three years, reaching $8 trillion USD globally this year and $10.5 trillion USD annually by 2025, up from $3 trillion USD in 2015.
• Ransomware will cost its victims around $265 billion (USD) annually by 2031.
• The amount of sensitive data we exchange with AI is increasing, both for ourselves and for potential contractors. It doesn't matter who the recipient is on the other side, because we trust artificial intelligence so much.
• The time of a cyber attack, e.g. using malware, has been reduced by two times compared to 2022.
• Phishing Attacks were the number one crime type, with 300,497 complaints reported. The total losses due to phishing attacks exceeded $10.3 billion. FBI Raport

Biggest data breaches and cyber attacks in 2023

• UK Electoral Commission- Last month the Comissione revealed that "hostile actors" accessed its emails and potentially the data of 40 million voters. BBC NEWS (https://www.bbc.com/news/technology-66709556 )
• Tigo- one of Chinas most popular online messaging platforms experiencing a data leak affecting over 700,000 individuals. https://techinformed.com/146m-records-breached-in-july-cyber-attacks-and-india-restricts-laptop-imports/
• Genworth Financial- was harder hit, saying personal information of nearly 2.5 million to 2.7 million of its customers was breached. https://www.insurancebusinessmag.com/us/news/cyber/genworth-outlines-massive-hit-from-global-moveit-hack-450435.aspx
• AT&T- AT&T has notified approximately 9 million customers that their personal data has been exposed in a data breach. https://www.bleepingcomputer.com/news/security/atandt-alerts-9-million-customers-of-data-breach-after-vendor-hack/
• P?le Emploi. Approximately 10 million job seekers may have been affected by a hacking incident at one service provider that compromised a large amount of personal data. https://www.bfmtv.com/tech/cybersecurite/fuite-de-donnees-a-pole-emploi-10-millions-de-personnes-potentiellement-touchees_AV-202308240266.html
• Several Italian Banks were affected by DDoS (distributed denial of service) attacks in early August, according to the Italian cyber security agency, Agenzia per la Cybersicurezza Nazionale. https://therecord.media/russian-hackers-claim-attacks-on-italy

The most common types of cyberattacks in 2023

• Phishing Attacks

Phishing attacks are responsible for 90% of data breaches. Phishing attacks remain the most common cyberattack, generating approximately 3.4 billion spam emails per day.

These include a variety of deceptive techniques designed to trick individuals into disclosing confidential information or engaging in malicious activities via hidden emails or websites.

• DDos Attacks

A DDoS attack uses multiple servers and internet connections to flood the target resource. A DDoS attack is one of the most powerful weapons on a cyber platform. When you find out that a website has gone down, it usually means that it has been the victim of a DDoS attack. This means that hackers have attacked your website or computer, causing a lot of traffic. So your website or computer crashes due to overload. One of the most significant DDoS attacks occurred in March 2023. The website of the French National Assembly experienced a temporary outage due to a DDoS attack orchestrated by Russian hackers.

https://docs.trellix.com/bundle/network-security-platform-9.1.x-product-guide/page/GUID-A9CABAC9-DB31-4AD0-BD3C-A46A3B2CD2DA.html

• Malware Attack

Short for “malicious software,” malware is computed code that is designed to harm or exploit any programmable device, server, or network. The malicious intent of malware can take many forms, including denial of access, destruction or theft of data, monetary theft, hijacking computer resources, spreading misinformation, propagation of malware, and many other harmful actions. The motivation for cybercriminals to spread malware could be for money, spying or theft of secrets, or damage to a competitor or adversary.

1. Ransomware
2. Botnet Malware
3. Crytpjoacking
4. Fileless Malware

Cyberworld has been transformed beyond recognition as a result of the Global Crises

In 2019, if someone had told us what the world would face in the coming decade, we would probably laugh and consider this person a heretic. Cyber security has never been so vital in this time of economic conflict, pandemics, wars, immigration crises, global warming, and sustainable development.

With the explosion of data and information, instant messengers, file exchange platforms and even artificial intelligence, the modern world is becoming increasingly similar to the scenario in the 1999 film The Matrix.

Cybercrimes do not sleep, and technological development combined with numerous crises have given them a number of tools and situations to both prey on the weaknesses of modern economies and organizations.

“It takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.”

As you read the above sentences, let's rethink how we approach cyber security and how the people factor is the weakest link in the process of protecting against cyber threats.

It takes more and more time to exchange information, we are constantly connected to various wireless networks via instant messengers, we click on random links on the Internet, and we trust any free antivirus downloaded in five minutes with the issue of cyber awareness.

As we have devalued, our expenditure on cyber security is increasing, and yet 3/4 of all detections in organizations are detections related to the human factor (downloading malware, clicking on a link, sharing sensitive data with unknown recipients).

Considering the complexity of the problem, the next time an organization or an employer sends us for training, we should not go through it just to get it over with, but let's be willing to understand the scale of benefits that come with this training.

Summarizing the above introduction to the cyber security review in 2023, in the next article I would like to show how the synergy between our awareness and Trellix solutions ensures our security.

“I really think that if we change our own approach and thinking about what we have available to us, that is what will unlock our ability to truly excel in security. It’s a perspectives exercise. What would it look like if abundance were the reality and not resource constraint?”