No organizations are immune from cyber risk because businesses of all sizes are potential targets for cyberattacks. Cybercrime is estimated to have generated $1.5 trillion for cybercriminals in 2018.
However, there are some cyberattack trends organizations can be watching for based on 2019 activities - increased attacks on cloud infrastructure and ransomware attacks.
Cloud infrastructures are subject to attack because they are a huge target for crypto-mining campaigns that can't attack Bitcoin directly. Bitcoin is difficult for cybercriminals to infiltrate because of random data exchanges within the blockchain and sturdy encryption. Therefore, when cybercriminals use malware or other attacks, they are unable to duplicate or infiltrate the data or blockchain. This leads cybercriminals to attack the transactions surrounding the blockchain to access the Bitcoin. The crypto-mining malware used by cybercriminals to attack cloud infrastructures is able to take over a computer's resources and mine cryptocurrency without permission.
Additionally, in 2019, there was a 50 percent increase in ransomware attacks for mobile banking software. Mobile devices were attacked in 27 percent of cyberattacks. Bitcoin has become a very popular target for ransomware attacks with hackers using software such as Ryuk to steal large amounts of Bitcoin from users. Julio Gil-Pulgar "Crypto Mining Malware 'Dominates' Cyber Criminal Activity, Report" bitcoinist.com (Jan. 17, 2020).
As cyber threats become more sophisticated and deceptive, organizations must prepare for several different types of intrusions. The approach should be proactive, not reactive. Many organizations are able to detect and respond to hackers but the best way to prevent loss is to stop an attack before it happens.
Organizations should implement real-time threat detection intelligence software. This will provide current information on the newest type of attacks and hacking techniques. The intelligence must cover everything from cloud, mobile, network, endpoint, and IoT attacks in order to ensure your organization is properly protected.