Cybercriminals have evolved their tactics in 2024 to take advantage of business and technology consolidation. Businesses must respond by being more proactive about cybersecurity
The interconnected use of technology has created new threats for businesses with cybercriminals seeking to exploit vulnerabilities as merger and acquisitions activity increases.
As a result, experts are urging C-suite executives to rethink their approach to cyber risk and the ways in which it can be mitigated and managed.
Cyber risk solution company Resilience has issued its Midyear 2024 Cyber Risk Report which warns that cyber security has to be upgraded from simply a line in the corporate budget to encompass proactive strategies that enhance security.
The report warned threat actors have evolved their tactics in 2024 to take advantage of business and technology consolidation.
The report’s key findings include:
- Ransomware remained the leading cause of loss since January 2023, with 64% of ransomware-related claims resulting in a loss. The financial severity of claims related to ransomware attacks increased 411% from 2022 to 2023.
- Ransomware attacks on Change Healthcare and CDK Global, as well as the PanOS zero-day vulnerability, represented 2024’s top claim-driving events thus far.
- Of all claims received since January 2023, 32% were the result of a vendor data breach or ransom attack exploiting a third-party vendor—including notable vulnerabilities associated with Ivanti software. In 2024 that number is already 40% and expected to grow.
- The BlackCat hacking group - responsible for the Change Healthcare cyber incident - entered 2024 with an existing track record: in 2023, the group topped the list of most costly attacks, with BlackCat attacks accounting for 18% of covered losses from ransomware.
- Two sectors saw the largest increases in claims in 2024: manufacturing and construction. Manufacturing rose from 15.2% of all claims in 2023 to 41.7% of all claims in 2024; while construction rose from 6.1% of 2023 claims to 25.0% of 2024 claims.
An evolving threat
Increasing M&A and reliance on ubiquitous software vendors has created new opportunities for threat actors to unleash widespread ransomware campaigns by exploiting a single point of failure.
Indeed, the report found that some of the most disruptive cyberattacks over the past year involved heavily interconnected systems or recently acquired companies.
These attacks were carried out to devastating effect—even putting entire economic sectors on hold.
Global M&A deal volume increased 36% in the first quarter of 2024. While this growth can be seen as a sign of positive economic development, experts warn it can also create a staggering number of potential new points of failure.
“Major attacks like the ones on Change Healthcare, CDK Global, and AT&T have been wreaking havoc and making headlines, but they also remind us that we’re facing a new status quo.”
Similarly, technology consolidation—in which industries rely on single suppliers for critical platform services—have proven to lead to catastrophic effects downstream if a single supplier is breached.
In addition to potential ransom payments, impacted organisations typically face significant business interruption and lost revenue.
Vishaal Hariprasad, co-founder and CEO of Resilience said: “Major attacks like the ones on Change Healthcare, CDK Global, and AT&T have been wreaking havoc and making headlines, but they also remind us that we’re facing a new status quo.
“Increased vendor interdependence and M&A activity have created an unprecedented opportunity for hackers, with far more points of failure and potential for human error.
How to tackle the risks
Now more than ever, the C-suite needs to think about how it approaches cyber risk.
Businesses are interconnected like never before, and their resilience now depends on that of their partners and others in the industry.
Tom Egglestone, global head of claims at Resilience said: “While cybersecurity has historically been considered as a line item in a company’s budget, it’s clear that this is insufficient.
“Business leaders must adopt a risk-centric approach—one in which security strategies are grounded in the financial translation of cyber threats.”
Risk managers have been told that they should not just see cyber security as a threat, but must also consider the opportunities that better digital resilience might bring.
“Business leaders must adopt a risk-centric approach—one in which security strategies are grounded in the financial translation of cyber threats.”
The World Economic Forum said: “Cybersecurity must also be looked at as a growth opportunity and not just as a risk.
“An effective cyber strategy is an important driver of trust. Customers value the importance of trust while doing business with small companies and are more likely to do business with companies that demonstrate effective and responsible use of technology and data.
“However, it is necessary to keep the total cost of security in mind when building a cyber security strategy. If not managed effectively, the cost of technologies like cloud and AI can grow dramatically.”
WEF also advises that government policies and industry collaboration can help narrow down the cyber skills gap, thus improving overall security.
“An effective cyber strategy is an important driver of trust.”
It said: “Imparting cyber skills as early as in school will not only protect young vulnerable kids but will also create a foundation for a large pool of cyber talent.
“Further, there is also a need to expand the talent pool by not simply limiting it to STEM professionals but also to include people coming from diverse educational backgrounds and skills.
“To do so, governments should incentivise careers and opportunities in the domain of cybersecurity and awareness. One method of doing so is through the Corporate Social Responsibility obligation for large companies, leveraging that money for cyber security skill development.”
Source
No comments yet