How to protect yourself amid a wave of cyberattacks on businesses
Recent waves of next-generation cyberattacks on large organizations have shaken the business world, exposing vulnerabilities and challenging information security.
The reality of recent next-generation cyberattacks
The information on the recent waves of cyberattacks on companies worldwide is alarming.
At the end of 2023, 73% of companies worldwide reported a fear of receiving a cyberattack in the following year, an increase of 8% compared to the previous year.
The outlook in Spain is also worrying, as 94% of companies have suffered a cybersecurity incident in the last year. Already in 2022, Spain ranked third globally in terms of cyberattacks.
Recent next-generation cyberattacks are sophisticated, targeted, and persistent. They use advanced techniques to bypass traditional security systems and cause significant damage.
These attacks are not limited to small and medium-sized companies with less protection capacity, but large organizations are also proving to be vulnerable targets.
Attackers use techniques such as targeted phishing, ransomware, and brute force attacks to penetrate enterprise networks, as well as zero-day vulnerabilities and security flaws unknown to the public and the software manufacturer.
These techniques are effective because they use the latest technologies, such as artificial intelligence (AI) or machine learning, in the design and execution of cyberattacks.
The impact of these recent cyberattacks is wider than the short term and, sometimes, endangers the business’s survival in the medium term. Immediate damage includes loss of sensitive data, disruption of business operations and services, damage to the company’s reputation, and the cost of recovery.
Sectors most affected by the waves of cyberattacks on companies
In Spain, according to data provided by INCIBE, in 2023, the sectors most affected by cyberattacks were:
- Industrial sector: Spain is the fourth country in Europe with the most cyberattacks against the industrial sector, and attacks are expected to continue increasing and affecting new subsectors such as agriculture or livestock in their most digitized production phases.
- Healthcare sector: According to ENISA data, Spain ranks second in episodes of cybersecurity attacks in the healthcare sector in Europe, with 25 incidents recorded between 2021 and 2023.
- Financial sector: The financial sector maintained 25% of cyberattacks recorded in 2022 and 2023, which is a stable trend compared to other sectors.
- Transportation sector: This sector also accumulated over 25% of cyberattacks in 2023.
- Energy sector: the energy sector has exceeded 22% of cyberattacks in 2023, making it a sector in the spotlight due to the importance of its services.
- Insurance sector: The insurance sector is another sector most affected by cyberattacks. 94% of Spanish insurance companies suffered at least one serious cybersecurity incident last year.
- Telecommunications and technology: 18.3% of the incidents managed in 2023 were related to this sector.
- Public Administrations: Public Administrations are in the crosshairs of cybercrime due to the large amount of sensitive data they handle and their importance in the hectic global socio-political environment.
- SMBs: SMBs continue to register many cyberattacks, and their strategy is based on the cumulative benefit of the success of many lower-yielding attacks.
These data do not differ much from those provided by ENISA for the European Union. The increase in cyberattacks on the European financial and health sectors so far this year is noteworthy.
Why are there more and more cases of successful cyberattacks on companies?
The frequency of different types of cyberattacks worldwide has increased significantly in recent years.
Specifically, in Spain, according to the 2023 Annual National Security Report, CCN-CERT managed 107,777 incidents, Incibe 83,517 incidents, and ESDF-CERT 1,480 incidents in 2023. This represents a significant increase compared to previous years. In 2018, INCIBE reported 102,414 incidents, representing a 15% increase in the frequency of cyberattacks on companies in just five years.
Among the leading causes of the success of the recent waves of cyberattacks are:
- Lack of risk perception Many companies, especially small and medium-sized ones, do not clearly perceive the risks they face and do not bother to adopt a true cybersecurity strategy.
- Vulnerabilities in hardware and software. Devices used by employees and systems critical to company operations are vulnerable to attacks and are the main entry point in 18% of cases.
- Cybersecurity culture. The lack of a cybersecurity culture among workers and collaborators leads to errors and vulnerabilities that cybercriminals can exploit. Keeping staff and collaborators up to date with the latest developments and trends in cybersecurity means reducing the chances of success of social engineering techniques and reinforcing system protection.
- Lack of proactive approach to cybersecurity. Data stolen in cyberattacks or leaked by security breaches often ends up on black markets, on the Dark Web, or the Deep Web, where it is sold to other criminals for various illicit purposes, such as designing new cyberattacks. Implementing a proactive approach to corporate cybersecurity allows you to locate data and breaches before they can be used to attack the organization.
- Operations by notoriety. Cybercriminal groups operate by notoriety and feed off each other with increasingly complicated challenges to expose the security of large organizations. The increase in cyberattacks is driven by the growing notoriety of attacks and feedback among cybercriminals. This has led to an increased frequency and severity of recent cyberattacks and the peculiarity that they are executed in what appear to be planned waves.
The lack of investment in cybersecurity
Of all the causes of the success of recent cyberattacks on any company, one triggers the rest and forms the basis of this: companies lack a real and solid culture of investment in cybersecurity.
Corporate cybersecurity strategies and tools require planned and continuous investment that responds to the objectives of permanent updating and incorporation of the latest technologies and the most evolved solutions.
To stop the success of attacks, organizations must incorporate into their investment culture the idea that they must be one step ahead of cybercriminals in technological updating and evolution as a foundation for business continuity and growth.
It is enough to compare what an organization may consider a high expenditure on cybersecurity with the value of its databases, industrial and intellectual properties, liquid assets, products and services, brand, the trust of customers, partners, and investors, or the cost of an erroneous risk calculation, among other things, to visualize that it constitutes a profitable investment in the business.
In the current scenario, providing the corporate cybersecurity strategy with the most advanced technologies is not an option for organizations but a necessity.
Cybercriminals quickly incorporate every technological innovation into the design and execution of their cyberattacks. Combating this growing and limitless sophistication with outdated tools or solutions not based on the latest technologies is impossible.
Actions to prevent cyberattacks on companies
Protecting yourself to avoid cyberattacks or minimizing their consequences involves changing the traditional approach to cybersecurity and adopting one that goes beyond barrier protection with strategies such as:
Proactive Cybersecurity
In today’s increasingly sophisticated cyberattack scenario, staying one step ahead of them is the only way to prevent them.
A proactive approach to cybersecurity involves anticipating threats before they occur. Instead of reacting to security incidents after they happen, a proactive approach seeks to prevent them.
This includes identifying system vulnerabilities in cybersecurity, implementing preventative measures, and ongoing staff training. Therefore, it involves using advanced technologies such as artificial intelligence to detect unnatural patterns, conducting penetration tests to discover weaknesses, and creating an incident response plan.
A proactive approach also involves keeping up with the latest trends and threats in cybersecurity and constant commitment from the organization to protect its digital assets.
Third-party risk assessment
Due to the current scenario of interconnection between companies, a corporate cybersecurity strategy that does not include its third parties in the monitored and controlled attack surface is a failed strategy. Third-party risk management ensures that relationships with third parties do not compromise the organization’s security.
This third-party risk assessment involves assessing and mitigating the risks associated with interacting with suppliers, partners, and other third parties. It includes access to sensitive data, systems integration, and reliance on critical services.
Organizations should conduct security audits, review third-party cybersecurity policies, and establish service-level agreements. In addition, it is crucial that the organization has state-of-the-art cybersecurity solutions that allow it to control and manage third-party risk continuously and in real time for the duration of the business relationship.
NIS 2, the European Cybersecurity Directive that comes into force in 2024, elevates third-party risk assessment to a mandatory requirement for companies in critical sectors of the EU.
Locating Leaked Credentials
The location and identification of leaked credentials and passwords is essential to prevent the theft of data and critical information and the execution of attacks that use social engineering techniques.
Detecting these breaches allows organizations to take steps to protect themselves, change compromised passwords, and strengthen their security policies In addition, it helps identify patterns in leaks, which is helpful to prevent future incidents.
Address the challenges of cyberattacks on businesses in the digital age with Kartos
Our Kartos by Enthec Cyber Intelligence platform enables organizations to implement a proactive cybersecurity approach. It detects open breaches and vulnerabilities exposed for override before they are used to carry out a cyberattack.
Kartos XTI Watchbots continuously and automatically monitors the external attack surface of organizations to locate exposed vulnerabilities of organizations and their third parties.
In addition, Kartos uses self-developed Artificial Intelligence to ensure the elimination of false positives in search results.
To learn more about how Kartos by Enthec helps your organization protect against a wave of cyberattacks on companies, discover our solutions or contact us here.