Technology is an industry that never stops, advancing in a race with no end in sight; crime is no stranger to these changes either, as cybercriminals successfully carry out increasingly sophisticated attacks.
According to Jorge Utrera, Manager of the SISAP CERT incident response area, the attack known as ransomware (41%) is the number one threat in the region, closely followed by BEC-type attacks (16%); both types of cyberattack have multiplied during the pandemic.
“Taking cybersecurity lightly thinking that we will never be victims of these attacks, either personally or in our organizations, is a very innocent mistake that could have great economic and operational repercussions,” said Utrera.
The expert shared some shocking data from studies recently conducted by Sophos and Proofpoint on ransomware, a type of malicious code that hijacks information and then extorts money from its owner.
The cybercriminals' tactic is to demand payment of a sum of money to recover the information or to prevent its disclosure. 54% of these attacks successfully encrypted the stolen data, putting databases at risk, including confidential information belonging to the organization, its customers and others.
Other alarming data that Utrera shared about this type of attack are:
The payment that organizations make to recover data hijacked by cybercriminals ranges from USD $10,000 to exorbitant amounts above a million dollars.
Despite paying to recover the stolen or hijacked data, organizations on average manage to recover only 65% of the information, leaving the remaining 35% completely inaccessible. Only 8% of the companies that have paid ransoms in exchange for their information have managed to recover 100% of their data.
Although, on average, 56% of ransomware attacks fail to decrypt the data of the attacked organizations, extortion payments to cybercriminals doubled in the last year.
In Latin American countries (Chile, Colombia, Mexico, Brazil), USD 1.21 million is the average cost incurred by organizations that have been victims of ransomware attacks to restore their operations and remedy the damage suffered.
Attention should also be directed to Phishing and BEC
Phishing is another cybercriminal technique that deserves attention. It is a computer attack that seeks to obtain personal data from users through deception, impersonating organizations or people in order to trick the end user into handing over credentials, credit card numbers and other data.
BEC (Business Email Compromise) is a very well planned type of attack in which cybercriminals, through deception, infiltrate an organization's conversations in order to obtain funds fraudulently.
Utrera mentioned important figures about these methods:
According to the FBI, in 2021 losses of US$2,396 million confirmed BEC as the costliest type of cybercrime. In 2020, 57% of organizations reported having been victims of a successful phishing attack, compared to 55% in 2019.
Users in some industries are more vulnerable than others, and the same goes for users in different departments within organizations; the departments most affected by cyberattacks are General Services or Physical Facilities (17%) and Maintenance (15%). The FBI reported a 100% increase in BEC attacks between May 2018 and June 2019.
More than 140 countries are among the destinations of transfers made as a result of BEC, the main ones being China and Hong Kong, with a strong increase in recent years towards Mexico, the United Kingdom and Turkey.
Between January 2018 and June 2019, there was an 815% increase in BEC cases involving "changes to employee payroll accounts" in the United States of America alone, affecting small, medium and large companies.
In the 58% of BEC attacks that successfully stole money, the average loss was US$30,000, according to the report. "In a BEC-type attack, the cybercriminals involved in corporate email communications study and learn with great patience (often for more than 6 months) the organization's mode of communication, both internally and externally, and the tone and manner of its financial operations. This study is carried out before the deception itself, which they execute by impersonating an identity in an email that appears to be normal," concluded Utrera.