Jump to ↓
Identity-based threats |
Data-centric threats |
Network and system vulnerabilities |
Looking beyond cybersecurity threats |
In 2004, the federal government first designated October as Cybersecurity Awareness Month. Even after two decades, the need for both private and public organizations to be vigilant against cybercrime is greater than ever. Cybersecurity threats have continued to explode in number and in destructiveness.
According to the Identity Theft Research Center, there was a 72% increase in data breaches in 2023 over 2021, which was a global record year for these crimes.
|
Statistics like these provide sobering evidence of how critical it is for businesses and government entities to understand common threats and vulnerabilities and thus protect:
- Client data
- Employee credentials
- Proprietary assets
- Sensitive information
To meet ever-increasing cyber threats, risk professionals in the public and private sectors are learning about and practicing cyber risk management. Cyber risk management, also called cybersecurity risk management, refers to the process of identifying, assessing, and mitigating risks to an organization’s IT infrastructure. Cyber risk management should be considered a key element of an organization’s overall risk management program and thus essential to its operational and financial well-being.
Organizations both public and private need to understand potential vulnerabilities, particularly the most widespread and most dangerous risks. This awareness can help them better protect their IT infrastructure and thus protect themselves and the customers, clients, citizens, or partners whose data they’re trusted to protect.
Even with threats evolving and increasing, there’s a great deal that organizations can do to prevent fraud and the other potentially disastrous consequences of cybercrime.
Identity-based threats
This term describes threats where the cyber-criminal uses a false identity to access the organization’s IT infrastructure, typically for fraudulent purposes. Here are some of the most common and most dangerous identity-based cybersecurity threats:
Phishing
This is one of the oldest techniques for digital fraud. And despite how familiar it has become, it’s remarkable how successful it continues to be. People keep clicking on phony links designed to steal sensitive information. Often the link will come in an email that appears to have been sent by, say, a bank or a government agency. The link (or the fake website it connects to) will make what appears to be a seemingly legitimate request for a:
- Bank account
- Credit card
- Social Security number
While many phishing emails are almost comically obvious, others are much more sophisticated. They might appear to have come from one’s manager or the company’s CEO—and not everyone thinks of verifying its legitimacy. What’s particularly worrying to cybersecurity experts is the use of AI to generate more believable phishing emails and create so-called “deepfakes” that can fool employees into thinking that a client or company higher-up is asking for sensitive information.
Social engineering
Phishing is a prime example of a “social engineering” cyber-attack. Social engineering describes techniques in which cyber criminals trick employees, suppliers, or contractors into revealing:
- Confidential information
- Clicking on malicious links
- Providing entry to the organization’s IT system
These bad actors may make approaches via email or telephone; they may use voice impersonation software to make the attack more convincing. Whatever approach the threat actors take, the fact remains that social engineering-related attacks are the cause of most data breaches.
Credential stuffing
This technique involves using stolen login credentials (that is, a person’s name or email address and a password) stolen from a data breach and using it to attempt to access other sites connected to the organization. Credential stuffing is so successful because so many people use the same password across multiple sites.
Mitigating identity-based threats
Organizations can educate employees about the perils of digital identity theft techniques and the ways to protect themselves. With identity theft rampant, organizations also should strengthen their identity verification strategies.
While two-factor authentication has a boon to protecting digital data, fraudsters are constantly devising new methods of digital attacks. That may require organizations to add new lines of defense to verify customer identities, such as fingerprint matching and live facial recognition. Digital tools using artificial intelligence could help organizations detect and prevent a variety of risks.
Data-centric threats
Cybercriminals commonly target an organization’s sensitive internal and customer/client data, either to defraud the organization or to use the stolen data to create false identities that can be used for fraudulent purposes elsewhere.
Ransomware
A ransomware attack involves the installation of malware (which we’ll discuss more below) onto an organization’s IT system, giving the attacker control of certain (or all) of the organization’s information. The hacker then encrypts that data, making it inaccessible unless the business pays a ransom for the encryption key.
Data breaches
When organizations think of cybersecurity threats, data breaches are most likely to come to mind first. And that makes sense. Stolen data is highly valued by fraudsters worldwide, such as:
- Employee login credentials
- Customer credit card
- Social Security
- Bank account numbers
Data breaches can also cost organizations in terms of significant fines for lax data protection as well as damage to their reputations.
Insider threats
Many data breaches occur because of insider threats—cybersecurity risks that originate from within an organization. The “perpetrator,” which can be an employee, vendor, or someone else with legitimate access to the organization’s network, may not intend to damage that network.
They may simply be a victim of a phishing attack, for instance, thus allowing a hacker to slip in and create mayhem. However, they still can impose significant costs on organizations in terms of downtime and the expense of repairing the damage.
Man-in-the-middle
In a man-in-the-middle attack, a threat actor inserts himself in a conversation between a user and an application, making it appear as if a normal exchange of information is underway. The goal, of course, is to make off with login credentials, account details, and sensitive company and customer data.
Mitigating data-centric threats
Organizations can prevent or reduce the incidence of these cybersecurity threats by following the practices for protecting data discussed above and by reducing their IT infrastructure’s weak points.
Network and system vulnerabilities
To gain access to data to steal or accounts to take over, fraudsters may exploit flaws in one of the software applications an organization uses. Simply put, a flaw in a company’s database management software, cybersecurity strategy, e-commerce platform, or email system can provide an open door through which a hacker can walk in and wreak havoc.
Malware
Malware is defined as software that a threat agent develops and uses to disrupt an organization’s IT network. Malware allows the cyber-criminal to steal sensitive information, embed ransomware, or shut down the network.
Denial of service
A denial-of-service attack disrupts the network’s services so that the organization can’t use them. The attacker typically does this by overloading a network or website with requests until it can’t function.
The attacker’s goal is usually not to steal data. The motivations can include revenge (the attacker may be a disgruntled ex-employee) or politics (the attacker opposes the organization’s business or outside activities).
Zero-day exploit
This is a cyberattack that exploits a security flaw in an organization’s IT infrastructure. The term “zero day” refers to the fact that it’s already too late for the software or hardware vendor to fix the flaw. The damage already has been done.
Mitigating network vulnerabilities
Education and training are essential to preventing many of these attacks. And IT staff should follow cybersecurity best practices by regular testing and patching of system software. Organizations also can benefit by conducting thorough due diligence before partnering with software and hardware vendors to ensure (as much as possible) that they’re providing reliable, well-supported products.
Looking beyond cybersecurity threats
October is an appropriate time for organizations both public and private to familiarize themselves with cybersecurity risks. But cybersecurity threats growing and businesses and digital technology are increasingly fundamental to organizations’ operational functioning, cybersecurity should be top of mind all year long.
A strong cyber defense requires a proactive and adaptive approach that combines technology tools and human vigilance. Cyber risk management–constantly monitoring and mitigating cybersecurity threats–is essential to that defense.
Thomson Reuters CLEAR, a digital public records tool with risk management capabilities, addresses many cyber risks by helping verify the identities of website visitors and potential customers, clients, and vendors.
Thomson Reuters is not a consumer reporting agency and none of its services or the data contained therein constitute a ‘consumer report’ as such term is defined in the Federal Fair Credit Reporting Act (FCRA), 15 U.S.C. sec. 1681 et seq. The data provided to you may not be used as a factor in consumer debt collection decisioning, establishing a consumer’s eligibility for credit, insurance, employment, government benefits, or housing, or for any other purpose authorized under the FCRA. By accessing one of our services, you agree not to use the service or data for any purpose authorized under the FCRA or in relation to taking an adverse action relating to a consumer application.