Not long ago, installing antivirus software was all that most businesses needed to do to protect themselves from malicious software. When you initially connected your business's computers to the Internet, you probably felt sufficiently safe with a firewall in place.
Today, though, the best security practices of the past are no longer sufficient. Today's cyber criminals are not hackers working alone out of their parents' basements. Cybercrime groups have organized themselves and now resemble traditional businesses. Cyber crime will be a $6 trillion industry by 2021. IBM CEO Ginni Rometty has called cyber crime the "greatest threat" to "every company in the world."
Cyber criminals use automated tools to search random computers around the world for vulnerabilities. No business is safe; even small businesses are attractive targets because any stolen data has value.
Let's learn a bit more about how modern cyber criminals operate -- and find out what your business can do to protect its critical data.
Cyber Crime as a Service
There was a time in which committing cyber crimes required no small measure of technical ability. If you wanted to infect computers with malicious software, you would both have to program the software and find a way to infect computers with it. Today, though, you can simply pay others to do your dirty work for you.
Most service-based cyber crime deals take place on the dark web -- websites that are unavailable to view except by those using anonymity networks such as Tor. With cybercrime as a service, would-be cyber criminals can use anonymous currencies such as Bitcoin to pay for immediate access to:
- Exploit kits that gain access to vulnerable computers for data theft or malware infection
- Botnets capable of disrupting any business or website with a denial-of-service attack
- Ransomware software that infects computers, encrypts their critical files and demands payment to restore access to the encrypted files
Since networks such as Tor virtually guarantee that users and website owners will remain anonymous, cyber criminals have proven difficult to identify and apprehend. As a result, cyber crime as a service is only growing in popularity.
Ransomware Affiliate Networks
Of all the forms of malicious software, ransomware is perhaps the most effective in generating illicit revenue rapidly. Since ransomware encrypts crucial files and renders them inaccessible, antivirus software is useless against it.
Antivirus software can remove the application that encrypted the files, but it can't restore access to those files.
Cerber is one of the most dangerous ransomware threats. Cerber spread rapidly in 2016, earning an estimated $2.3 million even though just 0.3 percent of victims paid ransoms.
Cerber has proven successful largely because its creators have recruited a network of affiliates. Affiliates download customized copies of Cerber that contain unique tracking codes. The tracking codes enable Cerber's developers to provide statistics about impressions and conversions -- just like any other affiliate network.
To earn money from Cerber, affiliates need no software programming knowledge; they only need to spread the ransomware. When a victim pays Cerber's ransom, the affiliate receives most of the money.
The developers receive the rest. Cerber even promises to launder the Bitcoins -- removing evidence of their illicit origin -- on its affiliates' behalf.
Technology Partnerships Can Provide Protection
When one considers the growth of cyber crime as a business -- and the number of small and medium businesses that are victimized each year and can't afford the associated costs -- it becomes clear that a business is hard-pressed to focus on growth and security simultaneously.
Maintaining a firewall, keeping operating systems up to date, running antivirus software and educating employees about the best security practices requires enormous resources for a small business -- and those tactics offer no protection from some forms of cyber crime.
For real protection from cyber criminals, your organization needs to hand the reins over to a partner who has the necessary resources to focus fully on security -- so you can focus on growing your business. A cloud technology provider can handle software updates and provide a system for automatic data backups that negate the effects of ransomware.
With its enormous network capacity and ability to transfer operations seamlessly from one data center to another, a cloud provider also protects your business from denial-of-service attacks.
What are you doing to protect your business from cybercrime?
With attacks against businesses growing at an unprecedented rate, there is no longer any benefit in wondering whether your business will one day fall victim to an attack. Instead, you should ask yourself if your business is prepared to mitigate the damage when an attack does occur.
The time to prepare is now.