Online security

It’s not fair, but cybercrime is cheap

It may not be fair, but cybercrime is cheap. How cheap? You can buy ransomware for as little as $66 or hire a malicious actor for $250. And if you look hard enough, you can even get a phishing kit for free from underground forums. Although these illicit methods are not expensive, the damage they inflict can be extensive.

The low cost of cybercrime is one of the reasons the number of incidents has increased. This should be of concern to any business or organization with an online presence. Let’s find out how businesses can protect themselves.

They all went phishing

Phishing has become more popular than ever. According to the FBI’s Internet Crime Complaint Center, the number of phishing complaints more than doubled in 2020 to 241,342 cases from the previous year. From there, attacks doubled again as phishing hit a monthly high in Q3 2021, according to a recent report from the Anti-Phishing Working Group (APWG).

The total number of incidents (reported and unreported) must be higher. A record 2 million phishing sites were reported in 2020, the most in a decade. This is not surprising, since phishing kits are so cheap.

Anyone can get a phishing kit

Phishing kits are .zip files containing all the scripts needed to deploy an attack. These kits allow anyone with minimal programming skills to trigger massive ransomware campaigns. In 2019, the average price of a phishing kit was $304, with prices ranging between $20 and $880.

Recently, Microsoft discovered a campaign that used 300,000 newly created and unique phishing subdomains in one massive run. Microsoft has also identified a phishing-as-a-service organization known as BulletProofLink. It was like any other brand of software as a service, with tiered service levels, email and website templates, hosting, newsletter and even 10% off your first order .

Meanwhile, even the attackers are targeted. Some phishing kits have been unlocked and posted for free on dark web forums.

Average cost of a ransomware attack

On the other hand, being attacked is expensive. According to the IBM Cost of a Data Breach report, in 2021 the average cost of a ransomware attack was $4.62 million (not including the ransom, if paid). Compare that to the $66 attackers can pay for a ransomware kit.

Before you quit your day job to become a threat actor, know that the law is also stepping up investigative efforts. There is even evidence that the FBI can now track and recover funds paid in cryptocurrency.

Larger and more sophisticated threats

While ransomware grabs the headlines, other more sophisticated attacks reveal just how far threat actors will go to steal from you. Take the case of Evaldas Rimasauskas, who together with his accomplices set up a real company in Lithuania to emulate Quanta Computer, a business partner of Google and Facebook based in Taiwan.

From there, the impostor company sent out phishing emails with fake invoices attached. Before they got caught, they tricked Google and Facebook into paying over $100 million into bank accounts in Latvia and Cyprus.

Ransomware Prevention

Cybercrime continues to grow in scope and depth. Inexpensive phishing attacks result in higher attack volumes. And phishing is responsible for ransomware infections 42% of the time. 42% of ransomware attacks occur through exposed Remote Desktop Protocol (RDP) services. RDP service attacks use brute force, weak credentials, or phishing to gain access to legitimate usernames and passwords.

Due to the volume and sophistication of attacks, piecemeal security measures are increasingly inadequate. This is why security experts have also worked hard to provide viable and effective solutions.

Organizations are responding in part by adopting a zero-trust approach. We can think of it this way: when someone rings your doorbell at home, you check who it is before you open the door. Zero Trust works on the same basic principle. Every user, device, and connection needs to be verified, every time.

Zero Trust

As the threat landscape becomes more treacherous, better defenses are needed. Zero Trust incorporates some of the most advanced security methods to keep the growing tsunami of attacks at bay. Some of the methods used in zero-trust strategies include:

  • Encrypt and back up your most valuable data
  • Integrate artificial intelligence with analytics and deep learning for proactive protection and more accurate detection
  • Add threat response automation and analytics for faster response
  • Collaborate with hundreds of thousands of users to detect and alert on emerging threats and vulnerabilities as early as possible
  • Identity Access Management (IAM) – Centralized employee and consumer identity and access management in a single, cloud-native identity solution
  • Secure Access Service Edge (SASE) – A framework that converges network and network security functions into a single cloud service model. Enables authentication and authorization of users anytime, anywhere using a least-privilege model.

Fear the future or seize the day?

While no business likes having to deal with growing security issues, modern solutions can also improve business operations. If we take a closer look at SASE, we can see how this win-win scenario unfolds.

As businesses require anytime, anywhere access from any device for their users and third parties, organizations are moving away from virtual private networks. We all want low latency and smooth user experiences. Reliable real-time context and secure access to applications in the public cloud are essential for IT and business teams today. This is made possible by SASE, which in turn enhances security.

So yes, threat actors are busier than ever. They have access to cheap attack methods, or they concoct complex schemes. But strong and robust security responses also exist. They can even be good for business in many other ways. And that’s good news.