How cybercrime and economic uncertainty intertwine
Article written by Mike Sentonas, President, CrowdStrike
Businesses and consumers aren’t alone in feeling the pressures of a troubled economy. During a period of economic uncertainty, even cybercriminals feel the pinch as cryptocurrencies — critical for receiving ransomware payments and storing illicit funds — drop in value. This has led threat actors to become even more brazen and voracious in their efforts, driving a massive increase in the frequency and severity of financially motivated cybercrime as they identify new income streams and continue to exploit cybersecurity gaps for profit.
Cybercriminals’ heightened activity is clear in the growth of ransomware-as-a-service, a business model between ransomware operators and affiliates in which affiliates pay to launch ransomware attacks developed by operators. We’ve also seen growth in the weaponization of data as extortion becomes the most common cybercrime tactic. In the coming year, it’s predicted data extortion will surpass traditional data encryption and enable threat actors to repeatedly victimize organizations with tactics such as double or triple extortion and lock-and-leak operations.
Organizations will be exposed to more threats as the volume and complexity of cyberattacks continue to rise. In Asia Pacific and Japan (APJ), cybercrime accounted for 33% of all intrusion campaigns by attack type, according to CrowdStrike’s 2022 Falcon OverWatch Threat Hunting Report. The CrowdStrike OverWatch team tracked a 60% increase in interactive intrusions year-over-year in APJ compared to 50% globally.
Businesses in the APJ region need to be aware of these specific threats to prevent devastating financial and reputational loss from a data breach. According to CrowdStrike’s 2022 Falcon OverWatch Threat Hunting report, the industries most frequently targeted in this region include telecommunications, technology, manufacturing, retail and academia; however, in reality, all businesses need to be more proactive and vigilant with their security provisions.
Fighting cybercrime in tough economic times
These threats put additional pressure on businesses already struggling amid an economic downturn. Today, organizations have to juggle essential business priorities with fewer resources whilst dealing with a more motivated adversary. It’s a delicate balance.
When it comes to cybersecurity, this means trying to secure business operations, workforce, and sensitive data in the most effective way with limited resources. Unfortunately, this environment can lead businesses to prioritize funding for other operational requirements over cybersecurity — a decision that can expose them to dangerous risks.
To protect themselves effectively, organizations should continue to prioritize cybersecurity as a critical component of their business. It is always less expensive to pay for proper cybersecurity upfront than in the aftermath of a breach, including expenses such as cleanup, incident response and forensic investigations, legal repercussions, switching security providers, notifying customers, keeping regulators updated and more.
With the right strategy, there should not be a trade-off between cutting costs and implementing robust cybersecurity. As we navigate an economic downturn, these are the security priorities businesses need to consider to ensure they remain protected:
Ability to scale: Businesses need to know their cybersecurity partner will be able to support them and take on the burden of responsibility for cybersecurity when required. When the economic tide eventually turns, and businesses want to expand their security approach, they can increase it quickly and effectively. This means working with a security partner able to provide MDR support and is:
- Cloud-native – eliminating complexity and simplifying deployment to lower operational costs
- AI/ML-powered – protecting the entire threat lifecycle as well as instant visibility by harnessing the power of big data through a cloud-based analytics platform
- Easy to deploy – taking advantage of a single lightweight agent that works everywhere, including virtual machines and data centres, providing protection when endpoints are offline
Maximum value: Businesses often juggle multiple security solutions across their environment — a cumbersome and ineffective approach. Often, these solutions positioned as ‘free’ become expensive very quickly. This is due to the unforeseen extras to make it effective such as having to support multiple consoles and agents or requiring frequent updates and companion software to ensure it can operate.
It’s more efficient to consolidate tools into a single platform or at least minimize the number of vendors they work with using integrated solutions. They must focus on value in terms of dollars, efficiency, and success.
Full visibility: Businesses should have full visibility of their security solutions. This is essential when it comes to managing external attack surfaces, as well as rapidly remediating breaches. Achieving full visibility across the technology stack can be challenging, especially if certain parts are from a recently acquired business or spread across multiple locations. This is particularly important today as more businesses transition applications, workloads and data to the cloud. They need to:
- Eliminate blind spots associated with unmanaged or unsupported legacy systems or via their supply chain
- Minimize risk with asset inventory combined with advanced behavioral analytics to help identify and mitigate potential risks associated with connected devices and networks
- Continuously monitor assets in real-time to pinpoint unsupported and unmanaged devices that could lead to a breach
Seeking skills: Another challenge specific to an economic downturn is the potential headcount freeze. It’s difficult — sometimes impossible — to bolster a security team when you can’t take on new members. The best solution for large and small businesses looking to strengthen their security posture is to outsource and adopt a managed detection and response approach. This way, a business benefits from the right skills and the appropriate coverage of a proper security team and stack without taking on a new headcount.
Turning the tide
It is vital for businesses not to mistake cost for value when it comes to security. Good and cheap should not be prioritized in a security conversation to avoid becoming a victim of cybercrime. The best and most valuable cybersecurity solution for any business today is one that stops breaches, and organizations need security that works.
The views in the article are that of the author and may not reflect the views of this publication.