In 1971, a researcher working on ARPANET (the precursor to today’s modern Internet) wrote Creeper, a piece of software which would automatically move itself to terminals attached to the network. It was subsequently modified to copy itself to other terminals attached to the network, and the age of self-replicating computer worms and viruses was born.
It took several years for the concept of hidden software that self-replicates across systems to go mainstream, as much as anything could go mainstream at this stage of the Internet. No sooner had the Internet started to make inroads into more businesses and homes than criminals, hackers, and mischievous students began to find bugs, holes, workarounds, and other methods to exploit systems and the people that use them. Today, the methods and processes these tools and software packages use to autonomously navigate to Internet-connected devices have grown just as complex as the Internet itself. And while the early viruses and worms of the 1980s were focused on gaining knowledge of a system and having a little fun in the process, today they represent a huge security risk to businesses and individuals alike.
Viruses (and worms, Trojans, or other attacks) today are focused primarily on two things: profit and mayhem. New attacks such as Crypto-lockers (viruses that encrypt and lock data then demand payment to unlock it) can bring an organization of any size to a grinding halt. When attacks such as these occur, it’s important to recognize how vital computer systems are to every aspect of modern business. How much does that downtime, even if it is just an hour, cost the organization? The cost is tangible in terms of lost revenue and productivity, but also intangible in terms of the organization’s image to the outside world.
The types of cyber-crime have grown ever more varied as well, and now include:
- Viruses: The traditional disruptive software that can either simply be malicious for maliciousness’ sake, or act as a payload for Crypto-locker/ransom-ware
- Ransomware: Viruses/worms that lock and encrypt data to prevent access, while demanding a ransom to unlock the data. The digital version of the common kidnap scheme
- Phishing: Getting users to intentionally click on links via email or websites which either download viruses or ask for personal information to be entered. Bank account information is the common target, along with Social Security Numbers and other identifying information that can aid in identity theft.
- Hacking: The traditional method of gaining access to a computer system via unsecured ports/connections or bugs in the network hardware/software stack. The goals of hackers are varied, but usually entail profit.
Data breaches, where an organization’s data is stolen (or ransomed, or both) for profit, have been the number one concern for several years, especially now that organizations are collecting more digital information about their customers, vendors, partners, and others. Research by IBM in 2016 estimated the average cost of a data breach (by hackers, viruses/worms or other methods) at $4 million per incident. That accounts for loss of revenue, productivity, legal counsel, forensic experts, and other associated IT and legal costs. That corresponds to roughly $129 – $335 per data record stolen.
With the threat landscape being as complex as it is, no organization or person is ever 100% safe from cyber threats. However, there are steps that an organization can take to help mitigate the risk of doing business in the digital world:
- Educate: Educate all levels of employees (especially executives, who are more frequent targets of targeted phishing attacks) on the importance of data security, including how to spot fraudulent websites and emails
- Evaluate: Perform frequent security audits of all IT systems including keeping up to date with all hardware and software patches
- Mitigate: Cyber threat specific insurance policies are becoming more popular to cover liabilities in the event of data breaches; having outside counsel and experts on retainer for continuous evaluation, monitoring, and response in the event of an incident
Technology has allowed organizations to conduct their business more efficiently than ever before. However, that efficiency has come with additional risks to their infrastructure, clients, and employees. Data breaches and other forms of cyber-attacks will continue to occur, and no organization is immune to these threats. Proper risk assessments and response planning can at least reduce their impact, and provide a bit more peace of mind for organizations and individuals alike.