The world of cybersecurity is nearing a point of no return, with the number of data breaches, password leaks, and cyber attacks on businesses reaching a level that has never been seen before. Currently, there is a cyberattack on a company every 39 seconds, with each successful attack costing businesses millions of dollars.
While cybersecurity has been an issue for decades, this problem is only growing, with recent years seeing a dramatic rise in the number of cases recorded. In 2021 alone, 30,000 websites were hacked every single day, with there being an average of 50% more attacks per week than in 2020.
From personal data to business documents and financial information, nothing is completely secure, with the diverse array of cyber hacking tools currently available seemingly trumping cybersecurity deployments at every turn. In this article, we’ll be taking a deep dive into the current state of cybersecurity, demonstrating why this industry has become such a disaster.
Equally, we’ll touch on a few products that are currently running in counter to the rising threat, taking a look at the cutting-edge responses that the very best minds in cyber defenses have come up with.
Let’s get right into it.
A Whirlwind Tour Through Notable Breaches
When delving into famous breaches in cybersecurity, a peculiar trend instantly arises. While there were some major breaches in the early 2010s, the middle section of this decade was fairly quiet. This all then changed around 2019, when major breaches began happening every few months. In 2021, the Log4Shell vulnerability caused massive tech companies around the world to leave their doors open for easy entry.
Since then, the world of cybersecurity has only gotten worse, with some of the most disastrous breaches happening since the beginning of COVID. Cybersecurity became such a pressing matter during this period that The White House even released executive orders on Open Source and private software cybersecurity defense protocols, urging citizens and companies to take more care when online.
Some notable breaches that have occurred over the last decades are:
- 2013, Yahoo – Still holding the record for the most people affected by a singular breach, this backdoor hack affected over 3 billion accounts and caused loss of personal information. This gave hackers the answer to security questions, passwords, names, email addresses, phone numbers, and any other personal information attached to an individual’s Yahoo account.
- 2014, JPMorgan – This breach had 76 million households corrupted by a singular cyberattack. While the information leaked was luckily not financial in nature, it did release personal emails, phone numbers, names, and more. Since then, JPMorgan now spends $250 million each year to secure its data properly.
- 2021, Microsoft – One of the most impactful cybercrimes in US history happened in January of 2021 when all Microsoft Exchange email servers were hacked. By using the Log4Shell vulnerability, hackers were able to deploy malware on a range of systems and impact over 60,000 companies worldwide due to Microsoft’s deployment in a range of companies through Teams and Outlook.
- 2021, Facebook – With over 530 million users exposed, this modern breach saw a huge loss of personal data, with this being the latest breach since the company began all the way back in 2012.
- 2021, Comcast – The largest breach during 2021 went to Comcast, with this brand having 1.5 billion records purged from their databases by hackers. This huge data breach took millions of accounts, internal IP addresses, node names, and other major indicators for further hacking. The attack on this company has been somewhat of a snowball moment, with the information liberated leading to a range of further hacks.
While these are not the only notable attacks that have occurred during this time, they are some of the biggest. Even from this small selection, one can see that the frequency with which a major attack occurs is becoming much more often. While massive cyberattacks were once a thing of rarity, they now crop up in some regard practically every single week.
A Global Issue
Alongside the widespread impacts of breaches, this isn’t just an issue that’s plaguing a singular nation. While the United States has been the focus of a large number of cybersecurity breaches, that doesn’t mean that other nations aren’t equally feeling the strain.
Countries around the world, including giants like China, the UK, and many leading countries within Europe, are similarly seeing rising amounts of cybercrime. This was further boosted by the 2020 pandemic, with this major global event driving people online in ways that we’ve never seen before.
While global connectivity was already rampant, the need to use tech tools to facilitate every part of the working day during COVID further led to breaches.
Let’s quickly dive into how the pandemic has further scaled the threats currently targeting the world’s cyber defenses.
How the Pandemic Increased Cybercrime
Since the beginning of the COVID-19 pandemic that surfaced at the beginning of 2020, the world has become rife with cybercrime. There are several factors that have led to this occurrence, with the levels of cybercrime across the globe now reaching unprecedented levels.
Most notably, the biggest change that has caused this surge in the number of cases of cybercrime around the world has been directly due to the movement away from traditional working structures. Before the pandemic, the vast majority of businesses would work from a centralized office building. This would involve any employees registered at the company commuting into the office building and conducting their working day from this site.
With the rise of social distancing conditions, workers suddenly have to work from home, with this movement now carrying on into the current day. While working from home boosted company productivity by an average of 13% , there were further negative effects from this movement. Most notably was the expansion of company attack surfaces, leading to hackers having more potential entry points into company databases.
A company attack surface is the total span of everything that’s connected to a company. This could be something as large as the company’s own website, or as small as an individual email account connected to an employee. No matter the size, each one of these points of connection within an attack surface represents a potential avenue of entry for a hacker.
The work from a home movement led to people around the globe having to rely on more technology during their working day, with everything from online meeting platforms to company accounts being multiplied as employees were assigned new profiles for almost everything.
As the number of different entry points for employees increased, with more and more tech tools being added to their stack, the possibility for hackers to target these accounts increased. Due to this, companies have become more vulnerable than ever before, with the need for complete attack surface monitoring leading to automatic machine defenses being the only available option.
Coinciding with the exposure of businesses through the creation of new accounts during the pandemic, the total amount of devices that are connected to the internet is equally increasing at a rapid rate. On a personal level, this leaves individuals more exposed than ever before, as a singular error in privacy configurations could lead to one of these platforms being exposed, with all the individual’s information connected to that device or account being included in a potential breach.
Alongside the many effects of the pandemic that will last long into the future, the drastic impact on the cybersecurity industry is certainly influential.
What Are We Doing About This?
Of course, as a rising cyberthreat has been discovered, there has been a global movement toward preventing these breaches from occurring. While development within cybersecurity is made every single day, there are commonly three areas within which companies and governments are focusing on expanding their cybersecurity reach.
These areas cover new technologies as well as education, with the mix of all three of these strategies providing a range of insightful methods for preventing cyber breaches:
- The Movement Toward Decentralization
- Incorporating AI and Automatic Processes
- MITRE Attack Framework and the Focus on Education
Let’s break these down further.
MITRE Attack Framework and the Focus on Education
Perhaps rather unsurprisingly for anyone that’s worked in cybersecurity, over 95% of all data breaches are directly traced to a human error or action which caused the vulnerability. From individuals accidentally downloading ransomware onto their computers to weak passwords being chosen, there is a range of ways that people can expose company information through their simple mistakes.
With this considered, part of the rallying cry over recent years has been the mass movement towards cybersecurity education. On a professional level, this has been seen through the construction and continual updating of the MITRE Attack Framework, which is a database of all of the known methods that hackers will use to attempt to gain entry into a digital system.
By comparing a company’s current cybersecurity efforts against the Attack Framework, experts can see where their company is falling short of covering, helping them to create more modern and expansive cyber defenses.
Alongside this, there has been a great focus placed on educating employees about the importance of cyber security. From workshops and tests sent out to the IT department to mandatory seminars, companies around the globe are attempting to educate their employees on the best practices for staying safe online.
This movement toward education will help to reduce the individual errors that lead to breaches.
The Movement Toward Decentralization
Over the past few years, one of the largest trends within technology has been the widespread popularization of decentralized technology. What started with cryptocurrencies like Bitcoin has now spread into a developed ecosystem of tools, with Web 3 being the latest iteration of actually applying this technology.
Within decentralized technology, one of the biggest movements toward bolstering general cybersecurity is the development of the Decentralized Cybersecurity Mesh by Naoris Protocol. At its core, decentralized technology focuses on creating a system that has no single point of failure, never having to rely on a centralized organization or individual node.
The Decentralized Cybersecurity Mesh takes this idea and runs with it, converting every single device into a validator node. In real-time, this means that all devices are checking and monitoring every other device, changing singular points of failure into multiple points of defense.
While this is still in its early stages, the uses of decentralized technology within the cybersecurity space are revolutionary, with their application certainly being one of the most exciting developmental aspects currently bubbling under the surface of this field.
Incorporating AI and Automatic Processes
As stated earlier in this article, one of the main problems that faced businesses during the era of COVID was the rapidly increasing attack surface that each had to manage. While cybersecurity experts could fashion defenses and manually check each one of the potential entry points into their system, as the attack surface became increasingly complex and scaled, this was no longer an option.
The possibility of running manual defenses, including Red and Blue teaming manually, has now reached a point of no return. With the sheer size of the threat, more and more businesses are now turning toward automatic tools to protect their businesses. Industry leaders in cybersecurity are now releasing tools driven by and constructed with artificial intelligence.
By using automation of these processes, companies are able to create a 24/7 approach to cybersecurity, continually monitoring their attack surfaces and running detection software on their systems. Considering that the average cybersecurity breach takes over 200 days to discover, this movement to AI and automation is set to significantly improve detection and prevention in this industry.
While cybersecurity is an industry that’s seeing a great deal of difficulty at present, this doesn’t mean that the field as a whole is doomed. There is a certain truth to seeing the rapid progression of the tools that attackers are using to launch cyberattacks. Yet, the tools and resources that the international community of those working within cybersecurity are currently developing are equally as advanced.
With the mass movement toward defense strategies and the continual development of cybersecurity research, we’re currently seeing a range of effective practices that can help keep both individuals and businesses safe during our new digital era. Although the pandemic accelerated the amount of cybercrime from the 2020-2022 period, we’re now starting to see the world of cybersecurity catch up to the threat.