First article in our cybersecurity report about the main culprits: hackers.
Who are they? What are their goals? How much do they earn from these attacks and what is the cost for companies?
Businesses have become the perfect playground for hackers since the accelerated digitalisation of companies that has taken place with the health crisis.
According to Sophos, 44 percent of retailers worldwide were hit by ransomware last year. The figures speak for themselves: in 2021, hackers have multiplied their attacks, and 2022 is shaping up to be just as challenging and risky.
Who are these hackers? What are their goals?
Cybercrime is booming and has become one of the most lucrative criminal activities, even though it requires little equipment and investment.
Do you have to pay the ransom demanded? How much does hacking cost?
To avoid these cyber scams, companies are investing more in cybersecurity: there is an increase in CISO spending to protect against cyber attacks and ensure the security of customer information.
The rise of cyber hacking
Cybersecurity will still be your priority in 2022. According to a report from Orange Cyber Defense, while the number of cyberattacks worldwide grew by four times between 2019 and 2020, the situation has worsened in 2021 with 13% more attacks than last year.Number of cyberattacks against organizations increases by 13%, with noticeable rise in attacks targetinAnd 2022 should not be left behind: more breaches and vulnerabilities like log4j can be expected to hit the headlines.
If the cyber risk affects companies of all sizes, VSEs/SMEs, which are less well protected, are more targeted: "1 in 5 VSE/SME managers say they have suffered one or more cyber attacks or attempted cyber attacks in 2021". According to IBM, 62% of them cannot confirm being well protected against a cyber attack.
In France, the government is very concerned and has announced the creation of 1,500 cyber-patrolmen to fight against cyber-attacks. The ANSSi (Agence nationale de la sécurité des systèmes d'information : National Agency for Information Systems Security) regularly produces information guides, including one for very small businesses.
Why this boom in hacking?
Digital evolution inevitably leads to an increase in cybersecurity risks: the more companies are interconnected and depend on digital tools (videoconferencing, telecommuting, cloud computing or the Internet of Things (IoT), etc.), the more this opens up the possibility of breaches in which hackers can swoop.
By 2020, according to a MailINblack study, up to 60-65% of companies had more than 50% of their workforce remotely working, without providing them with cybersecurity barriers, thus increasing the risk of hacking. As a result, massive remote working has become the source of 20% of cyber incidents.
Cyberattacks are therefore on the rise in an economy that is digitizing much faster than it can protect itself from new risks.
Who are these hackers?
Hackers are constantly evolving and therefore have many possibilities to launch cyber attacks at low cost. There are different profiles of hackers with different attacks, damage and goals:
Mainly from Russia, Brazil or China, their targets are varied: "Russian hackers tend to target banks in the United States and Europe. Brazilian hackers generally use simple Russian-inspired tactics that pose little risk of exposure. Hackers in China send mass text messages in an attempt to force victims into fraudulent transfers."
Consequences and cost of hacking
"From January to May 2021, 6 hacker groups had already taken more than 45 million euros from 290 companies worldwide." (Source: eSentire study published on May 19, 2021)
The figures mentioned are quite huge and can make you dizzy: we can even talk about the 3rd largest economy in the world behind the United States and China.
"Estimated at 6,000 billion dollars in 2021, the cyber risk should reach 10,500 billion dollars in 2025. Cybercrime could thus become "up to 5 times more profitable than global transnational crimes combined".
From a cybersecurity ventures study, the figures are huge :
- $190 000 per second
- more than $11 million per minute
- more than $600 million per hour
- more than $16 billion per day
- more than $115 billion per week
- a monthly $500 billion bill...
What is profitable for the hackers becomes a huge loss for the others:
"6 companies out of 10 have experienced an impact on their business, with the main repercussions being a disruption of production (21%), and/or a breach of information (14%), and/or unavailability of the website for a significant period of time".
The financial consequences are then important according to a study by IFOP: "14% of the victimized companies declare that they had to spend more than €50,000 to get back on track, and even more than €100,000 for 6% of them". Sometimes the consequences are definitive: "70% of SME victims of a computer attack file for bankruptcy within three years".
We can understand why most companies choose to pay the ransom rather than lose time and more money... Loss of customers who will go elsewhere in case of late delivery, not to mention the overtime to be paid and the impact in terms of image on customers.
In this context, the cost of protection inevitably increases: "budgets allocated to cybersecurity are still increasing this year. 70% of companies confirm this trend, against 57% in 2020. 56% want to allocate more human resources to their organization. 84% will acquire new technical solutions, while 62% will use innovative offerings from start-ups.
The situation is evolving in an uncertain way with insurance companies no longer willing to cover the financial costs of these ransoms paid by companies to discourage them. While the ECB is concerned and asks banks to prepare for cyber attacks.
Employment in the cybersecurity industry still has a long way to go...
Far from the Hollywood image of the flamboyant Caribbean pirate, cyberpirates have some points in common with their distant ancestors: they are also " lawless ", sailing on the digital ocean of the Internet to ransom and plunder the rich " gallons " that are companies. But if the pirates of the seas used cannons and swords to rob their prey, our modern hackers use very different weapons with little similar damage. Discover in our second article the main threats of cyber hacking.