Cybersecurity incidents cost businesses $45B last year

Ransomware, cryptojacking, and business email compromise attacks all ramped up the financial losses due to cyber breaches, according to the Online Trust Alliance.

How SMBs and startups can mitigate the impact of cyberattacks Mayer Brown cybersecurity and data privacy attorney Stephen Lilley explains why SMBs and startups are particularly vulnerable to cyber-attacks and data breaches.

Despite the number of cybersecurity breaches and exposed records falling in 2018, more than 2 million cyber incidents occurred, resulting in over $45 billion in losses, according to the Internet Society's Online Trust Alliance (OTA) in its Cyber Incident & Breach Trends Report, released Tuesday. 

A few types of attacks caused the most financial damage, the report found. The financial impact of ransomware rose by 60%, while losses from business email compromise (BEC) attacks doubled, and cryptojacking attacks more than tripled over the past year. 

SEE: Special report: A winning strategy for cybersecurity (free PDF) (TechRepublic)

The actual financial impact of cyberattacks is likely higher than $45 billion, as many incidents go unreported, OTA noted. 

OTA tracked and analyzed threat intelligence data from sources including Risk Based
Security, Identity Theft Resource Center, Privacy Rights Clearinghouse, DLA Piper,
Symantec, and the FBI to build its report. 

"While it's tempting to celebrate a decreasing number of breaches overall, the findings
of our report are grim," Jeff Wilbur, technical director of OTA, said in a press release. "The financial impact of cybercrime is up significantly and cyber criminals are becoming more skilled at profiting from their attacks. So, while there may be fewer data breaches, the number of cyber incidents and their financial impact is far greater than we've seen in the past."

Along with ransomware's resurgence in financial impact and the rise of cryptojacking, attacks via third parties also became more prevalent in 2018, OTA found. The most notable such attack was Magecart, which infected the payment forms on more than 6,400 e-commerce sites worldwide.  

Misconfigured cloud services left sensitive data out in the open in 2018, and credential stuffing attacks also become more popular, the report noted.

How to improve cybersecurity at your business

Perhaps most disheartening fact is that the vast majority of breaches in 2018—95%, by OTA's estimates—could have been avoided through simple approaches to improving security. 

OTA provided the following checklist for organizations to improve their cybersecurity practices:

  • Complete risk assessments for executive review, operational process and third-party vendors

  • Review security best practices and validate your organization's adoption or rationale for not adopting

  • Audit your data and review your data stewardship practices, including data lifecycle management

  • Complete a review of insurance needs including exclusions and pre-approval of coverage for any third-party services (such as cyber forensics, remediation provider, PR firm, etc.)

  • Establish and regularly test an end-to-end incident response plan including empowering 24/7 first responders

  • Establish/confirm relationships with data protection authorities, law enforcement and incident service providers

  • Review and establish forensic capabilities, procedures and resources (internal and third-party providers)

  • Develop communication strategies and tactics tailored by audience (e.g., messages to employees vs. messaging to media vs. notifications to customers)

  • Review remediation programs, alternatives and service providers

  • Implement ongoing employee training for incident response

  • Establish employee data security awareness and ongoing education on privacy, incident avoidance (password practices, how to recognize social engineering, etc.) and incident response

  • Understand the regulatory requirements, including relevant international requirements

"Our report findings indicate that cybercriminals are using their infiltration ability to focus on new, more lucrative attacks," Wilbur said in the release. "Staying up-to-date on the latest security safeguards and best practices is crucial to preventing attacks in the future."

For more, check out How to become a cybersecurity pro: A cheat sheet on TechRepublic. 

Also see 

Internet crime and electronic banking security

Image: iStockphoto/BrianAJackson