Page 103 - Cyber Defense eMagazine January 2024

enabled hacker groups to increase the severity and sophistication of these cyber-attacks and made it
easier to gain access to systems and sensitive information. Hackers are casting wider nets, probing
deeper for network vulnerabilities, and breaching companies at higher rates, all at greater and greater
speeds afforded to them by the continued advancement of digital technologies.


Cyber attacks are largely a financially motivated crime. A hacker or ransomware gang is able to gain
access to a company’s servers and threaten to either release sensitive customer data or cripple the
company’s operations unless a ransom is paid. While critical infrastructure and high-profile companies
with billion-dollar valuations would seem the logical preferred target of these groups, small-to-medium
enterprises actually account for almost 70% of reported attacks. The reason is quite simple. These
companies, by and large, lack the resources and security protocols to repel cyber attacks, and hackers
will always gravitate towards the path of least resistance.


While money may be the principal motivation for these ransomware groups, it is not the only one. Many
of these hacker groups are actually using these tactics in order to advance some politically or ideologically
motivated agenda. This can be domestic, as we have seen a rise in ‘hacktivism’, the practice of using
cyber attacks and breaches as exercises in civil disobedience and a means to strike out at political
parties, industries, and businesses. This can also be global, however, as these groups militarize. As
international conflicts continue to erupt and escalate in every corner of the world, cyber terrorists join
ranks in these wars in order to strike out at the economic and social structure of their enemies. Whether
this is Russian efforts to destabilize Ukraine or Hamas attacking United States organizations that use
Israeli-made technologies and industrial devices, these hacker groups fight their own war on digital
battlefields. When mobilized, these groups can cause untold damage and disruption to a nation’s
economic and military capabilities.

For many companies, the threat of cyber attacks looms large. Not only do these attacks cause loss of
revenue and disruption of services, but they also put at risk the personal data and information
entrusted to them by their valued customers and clients. These incidents are not just minor threats to a
company’s continued viability. Many companies do not last six months following a reported breach. Then there is the
toll that these attacks take on the very fabric of our society. Hospitals and health centers have to turn
patients away and prioritize the urgency of one surgery over another due to massive operational outages.
Municipalities and critical infrastructure are unable to respond effectively to emergencies and provide
vital services to constituents and customers.


As these attacks increase in frequency and scope, cybersecurity protocols must be implemented and
adhered to in order to thwart hackers and ransomware groups. There needs to be a better understanding
of security risks and appropriate cyber attack strategies among all levels of business and industry. There
must be a concerted effort to become more proactive. The traditional approach to cyber security is not
enough. Cyber criminals are able to gain access to and set up network surveillance and data drips for
months before businesses are even made aware of a breach. By implementing safeguards that can
monitor all outbound traffic on a network and install egress controls to deny any connections that are
unknown and/or connecting to highly suspicious countries, organizations can identify threats and prevent
breaches with greater speed and efficacy. The deployment of these protocols would allow businesses
and IT providers the foresight to know about any activity taking place on their network and over their





            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.