Some striking statistics from the IBM/Ponemon Institute “Cost of a Data Breach Report 2020”.
$3.86 Million – Average Total Cost to recover from a breach.
$7.13 Million = Healthcare’s Average Total Cost per Attack – Highest industry cost
280 days – Average time to identify and contain
Nearly 28% of the data breaches in 2020 involved small businesses. The top patterns criminals are using to attack small businesses are web applications and miscellaneous errors. These represent 70% of the breaches. The threat actors who are perpetrating these crimes come mostly from external sources at 74%. Internal sources make up 26%.1
What motivates hackers when it comes to small and medium businesses? Not surprisingly, financial gains still remain the top motivation – in the ballpark of 83% of the attacks on small and medium businesses are financially motivated. While attacking small to medium businesses isn’t as lucrative or public as going after large enterprises, they do represent a less protected, more vulnerable target. When it comes to enterprises and large corporations, there are teams of professionals that code, program, and work around the clock to provide specialized security and firewall protection for that company and the partners they work with. It’s much more difficult to protect small and medium businesses solely because the resources are less accessible and are rarely a custom solution.
Every year, Verizon performs a data analysis that reviews all of the data incidences and deeper breaches that occur throughout the year. 2020 was no exception – Verizon released the “Data Breach Investigations Report” that paints a picture of the security issues from the year. According to the report, there were 32,002 security incidents and of those 3950 were confirmed breaches.3
Let’s dive into the report and look at some of the details. Healthcare, manufacturing, and energy/utility industries comprise some interesting facts when it comes to phishing and intrusion incidents, so, we will review those in more depth.
Healthcare, for example, is targeted mostly by utilizing a form of malware called ransomware. According to Fortinet.com, “ransomware is a specific type of malware that holds data hostage in exchange for a ransom. In other words, attackers will demand a given dollar figure in exchange for the data they have stolen and are reversely denying access to your organization. In 2019, ransomware skyrocketed by 820% and is estimated to have cost organizations nearly $20 billion by 2021.4 There were 798 incidents with 521 of them being confirmed breaches. Most of the attacks in this sector are exclusively driven by financial gains and 77% of the breaches were pertaining specifically to personal data being targeted. With a constant rotation of patients’ personal and medical data, the healthcare sector is especially susceptible to attacks.
Manufacturing is beset by external actors using password-dumper malware and stolen credentials to hack into systems and steal data. While the majority of attacks are financially motivated, there was a respectable showing of cyber-espionage motivated attacks in this industry as well. Internal employees misusing their access to abscond with data also remains a concern for this vertical. 922 incidents were recorded and 381 of them reported as full-scale breaches.
ENERGY, OIL & GAS, UTILITIES:
An interesting change occurs when you arrive at the energy sector. Presumably, due to the diminishing viewpoint of the energy and utility corporations, there is a notable increase in espionage attacks when it comes to cybersecurity. Breaches are composed of a variety of actions, but social attacks such as phishing and pretexting dominate incident data. Cyber-Espionage motivated attacks and incidents involving operational technology assets are also concerns for these industries. A reported 194 incidents and 42 of which confirmed data disclosure.
SMB & WFH implications
2020 has truly required that organizations need to find a way to adapt, find a way to be flexible, and they need to do it quickly. Few times before in history has any worldwide event-driven such a dramatic and drastic change as this pandemic has. Notable is the move to mobilize and empower companies to adopt a work from home movement. Many companies, including the behemoth Google, are pushing their returns to full-time in the office until the middle of 2021 at the earliest. With the quick switch to work from home, many organizations are moving to a cloud-based infrastructure and web-based tools. And with that comes more vulnerability; computers not regularly monitored by an in-house IT staff, less frequent and inconsistent updates to firmware and security software, and employees utilizing personal WIFI networks. It’s leaving a lot of organizations more vulnerable across the board.
If you can imagine, it is really simply an expansion of companies’ entry points on their internal networks; and the wider and farther stretched a company’s network is the easier cracks can be found and attackers can gain entrance from the outside. That spreading of points along a network is also transferable to manufacturing when you consider adding devices to a work network. It is imperative that you put into place the software and up-to-date devices that will assist in protecting your data from being breached.
You might recall the newsworthy attack on Target back in 2014? The attackers gained access essentially though a thermostat using credentials from the HVAC company that supplied and maintained Target’s heating and cooling systems. The attackers stole nearly 40 million credit card files.
If Target is vulnerable to attacks such as these, how is your small or medium business going to shore up your walls and add measures to help prevent events like this?
At SK&T, we partner with manufacturers that have invested great time and money into systems designed to shore up your network devices. Devices that are integral to your supply chain management, your inventory management, and your labeling systems. All of the devices that track your inventory and print your barcode labels are vulnerable to backdoor intrusions like the example made with the Target attack in 2014. The more devices you have on your network, the greater the chance hackers have to get in.
We work with a number of hardware and software providers that not only have provided top of the line devices to power your supply chain and labeling needs, but have in tandem supported those devices with software that protects your data in numerous ways.
Let’s take a look at our two main partners and the protection offered for mobile devices: Zebra Technologies has the LifeGuard™for Android™ and Honeywell offers Mobility Edge. Both providers offer extended life solutions beyond the 3 years that Google will support a device; both with their competitive advantages and special offerings.
Zebra Technologies LifeGuard™ for Android ™ offers the following5:
- Aggressive regular security/patch updates: You get timely updates to address new, emerging threats throughout the term of your Zebra OneCare contract. And you never need to remember to check for updates. Just sign up for email notification and you’ll receive a notice as soon as an update is available.
- Smooth migration to the next Android OS with the right security support: When a new version of Android is released, we continue to provide regular security updates for your current Android OS for a full year, giving you the time you need to determine if and when you want to migrate your apps to the new Android OS – and plan and execute that migration.
- 6 – 10 years of security support: Consumer smartphone models are released much more frequently than their enterprise ‘cousins” – about every 24 – 36 months. While other manufacturers typically stop providing OS security updates the day their mobile devices are retired, Zebra OneCare contract at no charge, up to 5 years after the device end of sale date.
- End-to-end revolutionary control of your update process: The update process for enterprise-class Android mobile devices is often time-consuming, costly, complex and difficult to track. Now you can address all of those issues with the LifeGuard Analytics and Update dashboard in your Zebra Visibility Services portal.
Honeywell’s Mobility Edge Services6:
- Accelerate Deployments. Validate once. Deploy everywhere. Faster, easier, and at lower cost. Enabling versatile out-of-the-box capabilities and a rapid provisioning suite, Mobility Edge expedites development, certification, setup, and training involving multiple form factors at once.
- Optimize Business Performance. Boost productivity and drive efficiency. Powerful, embedded tools across the platform drive faster data capture and secure, enhanced worker communications. The unified, intuitive experience facilitates user adoption and helps employees complete vital tasks.
- Extend Lifecycle. Forward compatible. Future-proof. Mobility Edge reduces TCO and minimizes headaches with an enterprise-wide approach to maintenance releases, and hardware designed to support ongoing upgrades to the operating system guaranteed through Android 11 and committed to continue working towards compatibility through Android 13.
- Strengthen Security. Mobility Edge provides a unified, dynamic hardware-and-software platform with built in security, and the best available future security made possible by unbroken Android version continuity, and forward compatibility.
There are a lot of options available when it comes to your network device security. It can also be a highly confusing selection process. At SK&T we partner with the top providers of not only the devises that power your healthcare, manufacturing, and distribution centers, but also protect them with enterprise-level software packages that are unrivaled. Let SK&T take a look at your setup, consult with our providers, and put together a complete package to seamlessly manage your devices and keep your network secure.