Cyber Attacks Throw One-Fifth of Businesses in Europe and US into Bankruptcy

Today, the increasing digitalization of the business world does not only bring along opportunities but also challenges. With digitalization; cyber attacks, hackers, vulnerabilities, data breaches, and many more become part of business life. Especially during the ongoing remote working process that started with COVID, the attack surfaces have increased and organizations have faced different cyber threats every day. So, measures against cyber attackers who constantly change and improve their methods of attack need to be constantly reviewed and renewed. Otherwise, cyber attacks can lead to serious consequences, including even bankruptcy.

One-Fifth of Businesses in Europe and the United States are Seriously Affected by Cyber Attacks

According to a recent report published by Hiscox, one of the world's leading insurance companies, which stands out with its cyber insurance service for businesses; cyber attacks, probably one of the most negative consequences of digitalization, pose a serious threat to companies. The said report focuses on how prepared businesses are for cyber attacks. The report includes very interesting findings of the relevant study conducted on more than 5,000 businesses in countries including the United States, Germany, Spain, Ireland, the Netherlands, and France.

Probably the most striking result of the report is that one-fifth of firms based in the United States and Europe are in danger of bankruptcy due to cyber attacks. Furthermore, 87% of the companies in the study consider cyber breaches as the most serious cause of the economic crisis. According to another finding from the study, 48% of participants state that they have been cyber-attacked at least once in the past 12 months, implying a 12% increase in cyber attacks compared to last year.

The picture that emerged with the COVID-19 pandemic, unfortunately, supports the increase in threat surfaces and cybersecurity risks. The new hybrid working arrangement, which has been rather applied with COVID, also accelerates the cloud journey of companies. The telecommuting system seems to have caused a huge leap in the number of attacks through the servers in the cloud. Approximately two-thirds of employees who participated in the survey agree that working through the cloud environment makes the business model more vulnerable to cyber attacks. In conclusion, 7 out of 8 countries that have contributed to the study believe that the cybersecurity issue is alarming.

The study by Hiscox addresses the cybersecurity issue in many aspects including the cybersecurity expenditures. The study states that the expenditures incurred by enterprises to prevent cybersecurity threats increase every year. Enterprises that participated in the survey point out that their average cybersecurity expenditures increased by 60% reaching $5.3 million last year and by 250% since 2019, and the average cost of a cyber attack increased by approximately 29% to slightly below $17,000.

In the light of all these results, Hiscox warns enterprises that the financial loss aspect of cyber attacks can reach declarations of bankruptcy. Becoming popular with COVID, the remote working system is predicted to not disappear but become an indispensable part of the business world. This brings about an increase in the number of access attempts by hackers, and thus, cyber attacks. This is exactly why the protection of enterprises from cyber attackers through Privileged Access Management applications is now important more than ever.

Ransomware Attacks and Malware Never Off the Agenda

Cyber attacks on enterprises through ransomware, malware, and phishing are ever-increasing reaching dangerous levels. A long-standing phishing campaign has been targeting German companies operating in the automotive industry, trying to infect their systems with password stealer malware. These targets in the German automotive industry are not only automobile manufacturers, but also dealers. According to a report, hackers manage to access their targets with an email that bypasses many security checks in the ongoing attack, which started in the industry in July 2021. The e-mail appears to contain a car transfer receipt. While the victim dealer views this forged document, the malicious code proceeds in the system.

MM.Finance announced that hackers managed to steal $2 million worth of digital assets through a recent DNS attack. This kind of attack is aimed at threatening the availability and stability of the DNS services of a network. MM.Finance states that the attacker managed to insert malicious addresses in the front-end code and stole more than $2 million in cryptocurrency. The company has announced that it set up a compensation pool for those affected by the attack and will withdraw from receiving contributions from the transaction fees to cover the losses.

AGCO, the leading agricultural equipment and machinery manufacturer in the USA, also made statements about a ransomware attack that affected some of its production facilities. AGCO did not provide a detailed explanation about what caused the interruption in its systems, but shut down parts of its IT systems to prevent further spread of the attack. AGCO continues to investigate the extent of the attack. The negative impacts seem to continue for a while depending on how quickly the system can be restored. Having 21,000 employees and revenues over $9 billion, AGCO incorporates brands such as Fendt, Valtra, Gleaner Challenger, Massey, and Ferguson. Therefore, the production interruption caused by the ransomware attack is likely to negatively affect the supply chain, which includes production and delivery of equipment.

Stop Cyber Attackers' Possibility of Accessing Critical Digital Assets with PAM

One of the most effective way to protect companies against cyber attacks is Privileged Access Management (PAM). The accelerated digitalization in companies, the ever-increasing importance of digital transformation, and remote working cause companies to face difficulties in protecting their critical digital assets. Strong cybersecurity policies strengthen companies' shielding in the cloud environment and ensure protection from cyber attacks, one of the biggest problems of our age.

Cybersecurity threats, especially ransomware, malware, phishing, and similar methods, have recently produced disappointing results such as data breaches and disclosure of digital data, and these incidents are mostly attributable to actors such as hacker groups, corporate spies, and individual hackers. IT teams of the companies develop planned security policies to significantly prevent the dangers related to the attack surface and data security. For example, security approaches such as zero trust and least privilege can add a new dimension to the cybersecurity efforts of IT and information security teams.

The zero trust model minimizes vulnerabilities that may arise either internally or externally through the understanding of “Never trust, always verify”. Of course, such access security solutions as privileged session management, multi-factor authentication, and dynamic password controller play a critical role at this stage. Whether in the cloud or on-premise, these solutions ensure that access to company infrastructure and sensitive data is controlled at every step, helping with the application of the zero trust method in the most accurate way. On the other hand, the least privilege method, which is based on the principle of protecting the business continuity by granting the least privilege to the authorized accounts on the system, works with the mechanism of granting the least possible privilege by grouping the persons who have access to the system into the user account, privileged account, shared account, and service account according to their access levels. The least privilege principle allows for managing the authorities of company employees in the organization chart through the solutions such as privileged session manager and database access manager on a level basis, and recording the transactions made from these accounts. This keeps malware from infiltrating the system.

Privileged Access Management solutions allow for the application of zero trust and least privilege methods in the best possible manner and provide a transparent and controllable access security infrastructure with the possibility of quick intervention, while increasing cybersecurity layers to maximize the data security. Single Connect product family, which is included in the reports of the world's leading research companies such as Gartner, KuppingerCole, Forrester, and Omdia featuring among the world's leading PAM solutions, eliminates the difficulties in providing a high-level layer of security thanks to its six advanced core modules that offer data and access security.

• Privileged Session Manager (PSM): This solution consists of the following stages: setting the privilege levels of authorized accounts, checking, monitoring, and auditing the sessions. PSM acts as a gateway among the target endpoints, user, and session manager and ensures that all sessions are logged.
• Dynamic Password Controller: Developed to verify fully encrypted authorized sessions, this module protects passwords by isolating them from the network thanks to its password vault feature. Thus, password sharing is prevented.
• Two-Factor Authentication (2FA): This module allows users, who request privileged access, to be controlled by geo-location and time verification at the same time.
• Database Access Manager and Dynamic Data Masking: Thanks to its nested working principle, this module records every step of network administrators and privileged accounts in databases in the cloud and on-premise environments and allows for masking data.
• Privileged Task Automation (PTA): PTA module automates routine tasks to prevent human errors and help to avoid service interruptions.
• TACACS+ / Radius Access Management: This module allows for controlling and managing access via TACACS+ and RADIUS protocols with the support of up to 250,000 devices on a single server, and helps companies to comply with regulations such as GDPR, ISO 27001, SOX, HIPAA, and PCI.

With Single Connect, one of the world's leading Privileged Access Management products with its advanced modules and effective solutions, you can easily make your organization's IT infrastructure and privileged access more secure against cyber attacks. Please contact us to further review our Single Connect product and find out answers to your questions.