Rating, defining and protecting against the top five cyber threats keeping security experts up at night
by Pushpendra Mehta, Executive Writer, CTMfile
“Malware”, “account takeover”, “ransomware”, “phishing” and “reputation attacks via social media” are five of the leading cyber threats for organizations across multiple countries and industries, according to the CyberEdge Group’s recently published 2022 Cyberthreat Defense Report (CDR).
This survey report was administered to 1,200 information technology security professionals in 17 countries and 19 industries. The respondents were comprised of IT decision-makers in organizations with at least 500 employees.
Rating cyberthreat concerns
What types of threats are keeping security professionals up at night? For the seventh year in a row, malware leads the pack with 4.01 points on average (out of 5). A surprising runner-up, account takeover (ATO) and credential abuse attacks were rated at 3.97 points on average and moved up from fourth place last year. “In fact, the average concern rating for this type of attack increased the most of any of the 12 categories on this list,” states the report.
Source: 2022 Cyberthreat Defense Report
Rounding out the top five categories were ransomware (3.96), phishing (3.93) and reputation attacks via social media (3.86). ATO and ransomware attacks are on the rise and expected to close in on malware. “Based on current trends, we expect the level of concern about account takeover and ransomware attacks to pull even with or pass malware on this list in the next year or two,” the report further mentions.
Understanding the difference between the five cyber threats
Cybercriminals aren’t just sniffing around corporate treasury. They have silently manipulated their way into organizations and their employees, systems, networks, servers, data and infrastructure. They aren’t always easy to spot, but what is easier to decode are the concepts and terms of the five leading cybersecurity threats. Knowledge is a treasury and finance professional’s first line of defense.
Malware
Malware, or malicious software, is designed to steal or extract data and disrupt or damage devices (computers, laptops and mobile devices), servers or networks, or gain unauthorized access to a computer system. Common malwares include viruses, worms, Trojan viruses, adware, spyware, rootkits and keyloggers.
In 2021, there were 5.4 billion malware hits, according to SonicWall Capture Labs threat data.
Account Takeover (ATO)
Account takeover is a form of fraud where cyber thieves gain control over an organization’s bank accounts or finances to carry out nefarious activities such as initiating fraudulent financial transfers and transactions. It can also include adding fake employees to payroll or exfiltration of sensitive data that may not be recoverable.
Data from Sift’s global network reveals that ATO fraud exploded by 307 percent between 2019-2021. ATO losses increased 90 percent in 2021 alone, totalling US $11.4 billion, as per Javelin Strategy & Research’s 2022 Identity Fraud Study.
Ransomware
The word “ransom” tells you almost everything you need to know about this type of cyber threat. Ransomware is a type of malicious software or malware attack designed to lock and encrypt an organization’s data to deny the company access to its files and then demand a ransom payment to unlock and decrypt the data. Ransomware is a cyber-extortion tactic that takes advantage of human, system, network and software vulnerabilities.
According to estimates from Cybersecurity Ventures, ransomware is the fastest growing type of cybercrime and is expected to attack a business, consumer or device every two seconds by 2031, up from every 11 seconds in 2021. A study published by the Unit 42 security consulting group revealed that the average ransomware payment climbed 82 percent from 2020 to 2021 to a record $570,000 in the first half of 2021. Among the dozens of cases that Unit 42 consultants reviewed in the first half of 2021, the average ransom demand was $5.3 million. That’s up 518 percent from the 2020 average of $847,000.
The White House has implored organizations to treat the threat of ransomware attacks with greater urgency. In the US, the Cybersecurity and Infrastructure Security Agency (CISA) announced in May the formation of a task force on ransomware.
Phishing
“Phishing is the concept of sending an email that appears to come from a trustworthy source to get you to interact with it, to call a number, or to click on a link. The concept here is to catch as many fish or people as possible. Phishing attempts are done to gather sensitive information fraudulently by pretending to be someone cybercriminals are not so that you give up confidential information. It is not a personalized attack and not geared toward you or your company specifically. It is just casting a wide net to see who responds, who clicks on the email, or who calls on the phone number that is listed to gain access to your data or to control your devices from nearly every conceivable access point,” explains Craig Jeffery, managing partner at Strategic Treasurer, a leading treasury consulting firm. ⃰
“In 2021, 83 percent of organizations experienced a successful email-based phishing attack in which a user was tricked into risky action, such as clicking a bad link, downloading malware, providing credentials, and executing a wire transfer. That number is a startling 46 percent increase over 2020,” according to Proofpoint’s 2022 State of the Phish report.
Reputation attacks via social media
This form of cyber threat occurs when a cyber intruder tampers, hijacks or hacks (gains access to or control of) an organization’s social media accounts to deface or embarrass the company, to put their data for sale online, or to trick the company’s followers into clicking malware or phishing links for financial gain, personal vendetta, or to tarnish their brand and reputation, and even land corporations in legal trouble.
Bad actors in cybersecurity can damage a company’s reputation and steal data by typosquatting, which is considered a type of brand hijacking.
Typosquatting, also known as URL hijacking or a fake URL, is a form of cybersquatting where cyber criminals register a common misspelling of another organization's domain as their own (for example: securetreasurer.com instead of securetreasury.com), relying on mistakes such as a typo (spelling and typing error) made by a user when inputting a website address into a web browser that will then be led or directed to the typosquatter’s site instead, where the user will be tricked into revealing sensitive information or data, including login credentials and bank card details.
Attacks on brand and reputation in social media and on the web are on the rise. The 2022 Cyberthreat Defense Report elucidates the reason - “We believe the increase is due both to more activity by threat actors (such as typosquatting and hijacking social media accounts) and the recognition that this issue belongs to IT security teams as well as marketing and social media groups within the enterprise.”
Securing payments – a vital and ongoing process
Cybercrimes and data breaches continue to proliferate globally, adversely impacting organizations across all industries and sectors. According to ENISA, the European Union Agency for Cybersecurity, “Cyberattacks are becoming more sophisticated, targeted, widespread and undetected.” This means corporations must make cybersecurity a top priority and approach securing payments as a vital and ongoing process.
To carry out their role as the “superintendents” of payment security, treasury professionals must be equipped not only with current information, but also with stable, enduring principles for security.
Strategic Treasurer’s ebook Payment Security & Fraud Prevention brings you twelve payment security principles referred to by the mnemonic “SECURE CLAMPS,” distilled from a portion of Strategic Treasurer’s SecureTreasury™ course.
The cores of these twelve foundational principles for securing your payment processes remain consistent amidst constantly evolving threats and leading practices. This ebook will equip treasury, finance and security professionals with the necessary payment security intelligence to combat the surge in cybercrimes.
⃰ Disclosure: Strategic Treasurer owns CTMfile.
Like this item? Get our Weekly Update newsletter. Subscribe today