The proliferation of e-commerce, gadgets and the Internet has made it difficult for organisations to cope with the rise of online crimes and threats. Some companies are completely oblivious to the situation, experts say.
However, the expectations from consumers has been rising with the rise of new business models. The success of Singles Day and Black Friday as major e-commerce events make it that much more difficult to keep the hackers away.
Recently, a guest database of five hundred thousand records of Starwood Hotels’ was hacked. These contain very confidential financial information that hackers have gathered, which they use during peak shopping periods when e-commerce operators are under a lot of stress.
“The ecosystem has developed an interconnected environment, where a business’ security does not depend only on the business itself but also on third parties. The confidentiality, integrity and availability of data and especially personal data is becoming more vulnerable, impacting the security and privacy of consumers,” said Dr Magda Chelly, CEO of Responsible Cyber, a cyber security consulting firm based in Singapore.
How hackers hack?
Hackers are becoming a lot more innovative and have come up with novel ways to get under your skin. And Ransomware is one of them. It has tremendously large implications on both small and large corporations and as the name suggests hackers disable vital systems in your operating systems and hold you to ransom.
Statistics show that ransomware is growing at a remarkable rate of 6000% in 2016, an IBM study found, and a triple-digit increase into 2018. Trojans, another type of cyber-attack tool, also known as “con programs” present a persistent threat to business operations.
It is forecasted that there’ll be more hardware trojan in the future. Networked printers are one such vulnerability, say Boris Balacheff, Chief Technologist for System Security Research and Innovation at HP Labs, HP Inc (NYSE: HPQ).
Hardware Trojans can be implanted into an electronic circuit at any stage of design and development, manufacturing, distribution or maintenance.
How quickly are organisations responding to Cyber-threats
As a first step, businesses need to take a risk assessment study of their IT infrastructure and operations to understand their risk exposure to the evolving threats online. This will allow the business owner or stakeholders to implement a risk mitigation plan.
And the cyber-security risks vary from one business to another and to compound the issue, the risk appetite for cyber-attacks varies from one organisation to another.
Businesses need to do a 360-degree analysis of their cyber risk exposure. And this typically includes a detailed study of their financial, legal, operational to IT. The risks appetite is evolving as businesses align more closely to the financial and reputational risks associated with a cyber-attack.
According to Dr Chelly, “Addressing cyber risks requires specific skill and knowledge. “In many cases, the major challenge companies are facing is the lack of understanding of the risk itself and how to address it.”
It appears that businesses are either complacent or not aware of the risks of a cyber-attacks. And these include from the very small to large organisations. Take the printer for instance, it can be a host to a number of trojan horse attacks – businesses are completely oblivious to these risks and putting many consumers at risk.