There are many different reasons why data traffic might not reach its target destination. The most common of these, however, is a “denial of service” attack, in which the data network is overloaded by a targeted, intentionally high level of data traffic. In a distributed denial of service attack (DDoS attack), a large number of servers flood the network with data.

 

Radware’s 2018-2019 Global Application & Network Security Report takes a closer look at long-term cyber security trends in businesses. 790 people were surveyed for this year’s report: 33% of respondents were from the Asia-Pacific region, 31% from North America, 18% from the EMEA region and Central/Latin America while the remainder conducted business worldwide.  

Why are businesses attacked?

While the motivation for cyberattacks has remained similar over the past few years, what stands out is that the responses indicating “motive unknown” have almost tripled. We believe that businesses are finding it increasingly difficult to distinguish between malicious and legitimate traffic since the number of incidents is on the rise and evasive disguise tactics are becoming more and more sophisticated. Another remarkable finding is the steady decline in the number of companies reporting no attacks.

How frequently are companies attacked?

One in five respondents indicated that they are attacked on a daily basis, a 62% increase over 2017! Another worrying insight is that one in five respondents had no idea how often they are attacked. There was a sharp drop in the number of companies reporting zero, one or two attacks per year. What’s alarming is the simultaneous increase in the number experiencing “daily attacks”! The number of companies reporting that they had never experienced an attack dropped by half from 2017 to 2018 – are businesses aware of this?

Against which types of attacks do companies have to defend themselves?

A shift is currently taking place – away from encrypting data to demand a ransom and toward the unnoticed installation of cryptomining applications, which heavily drain system resources. All other types of attacks have remained stable or increased by 5 to 10%. Companies can’t turn a blind eye to cyberattacks anymore.

What are the consequences of cyberattacks?

Both social media and the seemingly infinite number of rating portals mean that companies’ efforts to protect their reputation have become an increasingly important item on their to-do lists. Cyberattacks can lead to negative customer experiences, brand reputation loss and even a loss of customers! Depending on the size of the organization, each attack could cost up to $2,100,000! When asked about the consequences suffered as a result of successful attacks, this is how they responded:

| Consequence | Share of respondents |
|---|---|
| Negative customer experience | 43% |
| Brand reputation loss | 37% |
| Customer loss | 23% |

| Size of business | Estimated cost per attack |
|---|---|
| SMEs up to 1,000 employees | $450,000 |
| Enterprises with 1,000 - 10,000 employees | $1,100,000 |
| Large corporations with more than 10,000 employees | $2,100,000 |

The trend: cyber insurance policies

The number of enterprises taking out cyber insurance policies is on the rise. It might seem only logical that this should be sufficient and that the insurance company would cover any damage sustained. In reality, even if the financial loss is actually covered, the company might still be left with a reputation loss. NZZ recently reported on a court case in which Mondelez is suing its insurance company. The dispute concerns a damage claim of $100 million, around 1,700 servers as well as 24,000 laptops that sustained permanent damage due to an attack – and this is likely only the material damage. A combination of proactive measures and insurance is much more expedient.

 

Protection against cyberattacks is multi-layered

Tailor-made solutions, such as Managed Security with individually configured firewalls, boost the security of your network access points. Protection against DDoS (distributed denial of service) attacks comes with a price tag starting at just a few hundred francs a month. Peanuts compared to a cyberattack’s damage potential.

 

Seven steps to protect yourself against cyberattacks

  1. No security without a firewall
    Protect your network and servers with a managed firewall.
  2. Double the protection for mobile devices
    Hackers love using laptops, tablets and mobile phones as a way to gain entry into your network.
  3. Make DDoS attacks miss the mark
    DDoS attacks can be purchased for very little money on the Darknet, which makes them particularly popular.
  4. Implement two-factor authentication
    Two-factor authentication, which could take the form of a push message sent to a smartphone and a new code that is generated for each authentication, ensures a much higher level of security.
  5. Train your employees
    The human factor is one of your company’s biggest security risks. We recommend two training sessions per year.
  6. Maintain an overview of the entire value chain
    Data are exchanged between suppliers and customers. The entire supply chain needs to be protected.
  7. Go offline every now and again
    Follow the lead set by intelligence services and nuclear power plants: certain IT systems are operated offline!

We can guide you along the path toward network security. Ask us!