X-Industry

Every year, the statistics on cyber-attacks seem to get spookier, according to Chuck Brooks, President of Brooks Consulting International.  “As we finish October’s Cybersecurity Awareness month, it is a suitable time to review some of the key statistics and trends that can haunt us and help us meet the cybersecurity challenges of the evolving digital ecosystem.  There are so many frightening cyber stats that I had room for only a few categories, but they are important ones to know.”

The healthcare industry is a continuing prime target for criminal hackers. Consider these realities: “Nearly 40% of healthcare organizations reported it took more than a month to recover after an attack, according to the survey by cybersecurity firm Sophos.  The healthcare sector’s increased burden of ransomware attacks comes as other industries face fewer incidents, according to the survey by cybersecurity firm Sophos.  Recovery from ransomware attacks takes longer — sometimes more than a month- as attacks increase against the healthcare industry; about two-thirds of respondents said they were hit by a ransomware attack in the past year, up from 60% the previous year.  Just 34% said a ransomware attack hit them in Sophos’ 2021 report.[1]

14M patients affected by healthcare data breaches in 2024 - Healthcare organizations remain top targets for cyber threat actors, according to a SonicWall threat brief that explored trends in healthcare data breaches.14M patients affected by healthcare data breaches in 2024 | TechTarget.  “At least 14 million patients in the US have been affected by healthcare data breaches in 2024 so far, a threat brief by cybersecurity company SonicWall revealed.  Moreover, 91% of the healthcare data breaches that SonicWall researchers analyzed involved ransomware, highlighting the continued targeting of the US healthcare sector.  SonicWall based its report on data from SonicWall Capture Labs, which uses machine learning to collect and retain data about attack vectors and threats in real-time. The researchers concluded that healthcare remains a top target for exploitation by cyber threat actors due to its data-driven nature and reliance on sensitive data.”

“The massive Change Healthcare cyberattack could have compromised data from 100 million people, the largest healthcare data breach ever reported to federal regulators.  Responding to the cyberattack has cost UnitedHealth, too.  Earlier this month, the healthcare giant said it recorded $2.5 billion in total impacts from the attack through the nine months ending Sept. 30, including $1.7 billion in direct response costs.”

Author’s Take: The cyber-attack on Change Healthcare is alarming and another wake-up call.  It is not surprising that hackers focus on healthcare.  As computers and other devices used for medical care become more networked and linked, the digital world of health management, clinics, hospitals, and patients has become more vulnerable. A more comprehensive approach to healthcare cybersecurity should include better risk management, more investments in cybersecurity to protect systems, and good cyber hygiene.

Dmitry Raidman, CTO & Co-founder of Cybeats, offers excellent advice: “Given its critical nature and unique vulnerabilities, the healthcare sector must adopt a multi-layered approach to combat the rise in ransomware attacks.  This means strengthening security through continuous network segmentation, deploying endpoint detection, and enhancing user training, as healthcare systems are only as resilient as their most vulnerable points.  A proactive, risk-based approach that includes frequent vulnerability assessments and comprehensive data backups is essential to ensure operational continuity and patient safety. Collaboration with industry stakeholders and sharing threat intelligence can also give the healthcare sector a stronger front against these growing cyber threats."

“Ransomware attacks rose 73% between 2022 and 2023, according to a report published last week by the Ransomware Task Force, part of the Institute for Security Technology, a Washington DC think tank.  The annual report, which includes a map of global ransomware incidents and identifies ransomware trends based on reporting of double-extortion attacks, in which cybercriminals demand ransom payments from victims to keep their data private and off the dark web, found there were 6,670 ransomware incidents in 2023, with more than 2,800 incidents just in the United States.”

“Cybersecurity Ventures predicts that by 2031, ransomware will cost victims $265 billion annually and attack a business, consumer, or device every 2 seconds.  Chief information security officers and cybersecurity teams devote more time than ever to protecting against ransomware. Ransomware gangs are, in almost every case, financially motivated.  These cybercriminals will stop at nothing to be paid, whether this means locking up your personal information or grinding the operations of a Fortune 500 company to a halt.”

The Institute for Security and Technology2023 RTF Global Ransomware Incident Map: Attacks Increase by 73%, Big Game Hunting Appears to Surge - Institute for Security and Technology.  “The 2023 RTF Global Ransomware Incident Map presents the task force’s annual map of ransomware incidents and identifies ransomware trends worldwide.  2023, the data showed 6,670 ransomware incidents, a 73% year-over-year increase from 2022.  This increase is consistent with other recently published findings, demonstrating an overall increase in ransomware activity and illicit cryptocurrency payments.  For example, the FBI Internet Crime Center (IC3) reported over 2,825 complaints from the American public alone.  According to Chainalysis, ransomware payments broke a new record, totaling over $1 billion in 2023.”

Analysis - Due to the substantial number of easy targets, ransomware will continue to be a devastating threat.  A world that is becoming more hyper-connected affects every part of our lives.  Maintaining and safeguarding data is an essential security requirement for all businesses and organizations. Knowledge of and skill with ransomware can assist in solving numerous safety issues.  Cyber hygiene is essential as solid passwords, multifactor authentication, and phishing awareness training make a company less of a target. New cybersecurity technologies, tools, and standards can help slow the staggering rise in ransomware attacks.  Protecting systems, networks, and devices is essential to make them a more resilient word cloud for privacy policy.

“New research has uncovered more than a million passwords linked to the IT systems of UK law firms on the dark web.  Researchers found that nearly three-quarters (72.2%) of the 5,140 law firms audited had employee username and password combinations that appeared in lists circulating in the internet's darkest corners.  1,001,313 passwords were discovered, averaging 195 password combinations per firm or 1.27 per individual staff member. Atlas Cloud, the IT outfit that conducted the research, warns that cybercriminals could use this information to infiltrate a firm’s IT systems, potentially gaining access to valuable data or intercepting transactions.

Last autumn, before its merger with Shearman, Allen & Overy confirmed that it had “experienced a data incident affecting a small number of storage servers” after reportedly being targeted by a hacking group with ransomware.  Similarly, in 2017, Legal Cheek reported that hackers had taken DLA Piper‘s computer systems and phones offline using malicious software.”  Companies are dramatically increasing their use of external cybersecurity advisers, with 87% now engaging outside experts compared to 43% in 2023, according to new research from EY’s Center for Board Matters.  The surge comes as cyber threats grow more sophisticated, with FBI data showing a 10% increase in complaints and a 22% rise in losses to $12.5 billion annually.”

Author’s Take: Law firms should seek help from subject matter experts (SMEs) who know about the newest technologies and compliance/governance rules in the cyber ecosystem.  New threats and technology problems pose a higher risk to their client's money and reputation. SMEs for the legal community are especially important because the cyber danger comes from criminal organizations and countries that are at odds with each other.  Because of a change in the cyber risk environment, more money is being spent on threat awareness and sharing information, which is vital for businesses to stay open.  SMEs are essential to figuring out the danger landscape and finding weaknesses.

According to Enoch Long, a long-time cyber security executive, “Cybersecurity SMEs who not only have a GRC expertise but also have a strong SecOps background can build a risk management strategy for law firms that should focus on education and training, data protection and privacy and IT security best practices.  These focus areas will help guide and shape the firm's culture regarding the type of industry frameworks that will be adopted and implemented, which will be utilized for governance, compliance, GDPR requirements, policy development, and procedure execution.  An SME can help bolster a law firm's internal IT security team by recommending the most applicable security tech stack and understanding the cyber geopolitical threat landscape, an imperative skill when defending against threat actor groups that target law firms.  As the sophistication and craftiness of threats mature and the cost of breaches continues to escalate in the legal profession, getting the appropriate outside help is a sensible option.

The Impact of Artificial Intelligence - This is a particularly frightening statistic, as identity fraud is now being significantly enabled by generative artificial intelligence tools:  Deepfake Fraud Doubles Down: 49% of Businesses Now Hit by Audio and Video Scams, Regula’s Survey Reveals

Deepfake Fraud Doubles Down: 49% of Businesses Now Hit by Audio and Video Scams, Regula’s Survey Reveals that “In 2024, every second business globally reported incidents of deepfake fraud, revealing a growing trend in AI-related crimes over the past two years.  Meanwhile, fraud involving fake or modified documents now outpaces AI-generated scams.  These are the first findings from a new survey*  “The Deepfake Trends 2024,” commissioned by Regula, a global developer of forensic devices and identity verification solutions.

Regula’s survey data shows a significant rise in the prevalence of video deepfakes, with a 20% increase in companies reporting incidents compared to 2022**  While 29% of fraud decision-makers across Australia, France, Germany, Mexico, Turkey, UAE, UK, and the USA reported encountering video deepfake fraud in 2022, this year’s data; covering the US, UAE, Mexico, Singapore, and Germany that shows this figure has surged to 49%.  This sharp increase across the revised cohort underscores the growing challenge of video deepfakes and their continued threat to businesses.  Audio deepfakes are also rising, with a 12% increase compared to 2022 survey data.”

“New research from Teleport reveals that AI impersonation now ranks as the most challenging cyber-attack vector for security experts to defend against, as indicated by 52% of senior leaders surveyed.  The 2024 State of Infrastructure Access Security Report issued by Teleport highlights the growing complexity of social engineering techniques, with AI and deepfakes substantially enhancing the effectiveness of phishing scams.

Analysis: Theft is a logical target of hackers using AI tools.  Many have anticipated artificial intelligence's arrival, and AI is becoming mainstream.  Machine learning and natural language processing, which are already commonplace in our daily lives, contributed to the creation of AI.  Criminal hackers are automating more of their phishing attacks with artificial intelligence and exponentially reaching many more businesses, agencies, and consumers.  Generative AI makes it easy for anyone to become a hacker.  Advances in technology have rendered phishing more accessible to cybercriminals.  They have easy access to digital images for creating deep fakes and social engineering data to make them more viable.  Hackers often combine spear-phishing, a technique they use to target executives at companies or organizations, with ransomware.  Throughout its two-decade history, ransomware has grown in popularity because it makes it simpler for hackers to collect money via cryptocurrency.

Emerging Technologies Are Impacting Cybersecurity - Inside Cyber, by Chuck Brooks, takes complex ideas about emerging technologies and provides a simplistic explanation.  Brooks takes technology such as quantum computing, 5G, and Artificial Intelligence and explains the positives and negatives of these new technologies.  We all live in a world that seems to be changing by the day.  Keeping up with the times and understanding the innovative technology around us can seem impossible, especially as it affects our daily lives. Just a few years ago, artificial intelligence was considered to exist only in sci-fi movies.  Cellular speeds are coming close to rivaling Wi-Fi as global satellite communication nears.  Countries are scrambling to prepare for the looming cyber-attack threat aided by AI.  These modern technologies will forever change the way the world operates.  This book dives into what may seem like an existential threat, providing necessary steps to remain safe and secure.  Security teams must balance the risks and benefits of AI.  Microsoft’s Siva Sundaramoorthy defines how common cyber precautions apply to generative AI deployed in and around security systems.  Pain points security teams should be aware of AI include:

• The integration of new technology or design decisions introduces vulnerabilities.
• Users must be trained to adapt to new AI capabilities.
• Sensitive data access and processing with AI systems creates new risks.
• Transparency and control must be established and maintained throughout the AI’s lifecycle.
• The AI supply chain can introduce vulnerable or malicious code.
• The absence of established compliance standards and the rapid evolution of best practices make it unclear how to secure AI effectively.
• Leaders must establish a trusted pathway to generative AI-integrated applications from the top down.
• AI introduces unique and poorly understood challenges, such as hallucinations.
• The ROI of AI has not yet been proven in the real world.”

Brooks’ Take: “We are currently in a disruptive era of technological advancement labeled The Fourth Industrial Era. It is characterized by the exponential connectivity of people and devices and involves meshing physical, digital, and biological worlds. This includes a multitude of innovative technologies (among others) such as artificial intelligence (AI) & machine learning (ML), robotics, sensors, 5G nanotechnologies, biotech, blockchain, and quantum.’

“Artificial intelligence (AI) is one to watch as it is a highly intriguing subset of emerging technologies.  Science fiction no longer exists in the realm of AI. These days, AI can comprehend, diagnose, and resolve issues from organized and unstructured data, sometimes even without special programming.  Although AI can be a useful instrument for cyber defense, threat actors may also take advantage.  Malicious hackers are using AI to find and exploit threat detection model weaknesses.  Malicious malware can also be distributed using artificial intelligence and machine intelligence to automate target selection, inspect compromised environments before launching further assault stages, and prevent detection.

Quantum technology, especially quantum computing, has immense potential to change many fields, such as communications, real-time data analytics, biotech, genetic sequencing, and materials science.  With its effects on artificial intelligence and the Metaverse, quantum computing will also speed us into the future. But with the good, we need to plan for and stop the bad, especially regarding data, which is the lifeblood of industry and trade.  Starting right now, it is essential to go toward quantum-proof cybersecurity. For more on emerging tech, please check out my recent FORBES article Artificial Intelligence, Quantum Computing, and Space are 3 Tech areas to Watch in 2024.  As an additional thought, avoid hackers' tricks by being cyber-aware and practicing good cyber hygiene this Halloween and beyond. Be prepared and vigilant!”

This article is shared at no charge and is for educational and informational purposes only.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.  We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC).  For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225 or feedback@redskyalliance.com    

• Reporting: https://www.redskyalliance.org/
• Website: https://www.redskyalliance.com/
• LinkedIn: https://www.linkedin.com/company/64265941 

Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5378972949933166424

[1] https://www.forbes.com/sites/chuckbrooks/2024/10/27/spooky-cyber-stats-and-trends-in-time-for-halloween/