How to protect from hacker attacks How to protect from hacker attacks

How to protect from hacker attacks

Print
- + Text size

Cybercrime is costly. According to Cisco's latest report, 53% of cyberattacks on companies result in financial damages of more than 500,000 dollars. Overall, the cost of hacker attacks on companies, individuals and governments across the world is increasing rapidly: from 445 billion in 2014 to an estimated 2000 billion by 2019.
Considering the staggering amounts involved, having adequate IT security systems is now essential. Especially in view of how quickly cybercrime is evolving: despite the fact that traditional methods – phishing and viruses installed via email – are still frequently used, attacks are increasingly less reliant on tricking individuals into opening an attachment or downloading a programme containing a virus.
Blackmail & data destruction
In fact, hackers rely on malware that, thanks to bugs in the computer network, is capable of installing itself and then spreading to the entire computer system of targeted companies. But what is the objective of such violent attacks? There are two main reasons: blackmail, using ransomware (which limits access to the affected device until a ransom is paid), or even destruction of all the data in the system.
For example, this was the case of WannaCry, the ransomware attack that in May 2017, taking advantage of a vulnerability in the Windows operating system, targeted some of the most prominent organizations in the world, including FedEx, Renault and the British National Health Service. Despite the size of the organizations they attacked, the hackers behind WannaCry left with just 143,000 dollars. This is why the US government thinks the ransom request was just a diversion and that the real reason behind the attack was to destroy the IT systems of some western companies (which led to suspicion of the involvement of North Korea).
But ransomware is not the only threat: today, one of the most feared forms of cybercrime is still DDoS attacks, which send hundreds of thousands of requests to a single web address aiming to cause an overload and force it offline. Over the years, this type of hacker attack, which can affect banks, institutions, ministries and all sorts of organizations, has become more frequent. During the last quarter of 2018, the number of DDoS attacks has grown by 110% compared to the same period last year. But the worse thing is that these attacks are increasingly easy to carry out.
Mercenary hackers
The number of websites operated by "mercenary" hackers has been growing for some time now, and for a few tens of dollars, they can attack any desired target. Up until a few years ago, mercenary hackers could only be found on the dark web, but now they operate openly on the internet: to hire them all that one needs to do is search on Google and have a PayPal account (even if, normally, these websites prefer to be paid in Bitcoins, as the cryptocurrency guarantees anonymity).
These so-called “booter” and “stresser” services allow malicious individuals with no technical skills to make use of a proper platform for hacker attacks: all they have to do is enter the IP address they wish to attack, choose the severity of the attack and pay the amount requested. How can these services be openly available on the web? The answer is that many of these platforms are created to offer a service that is completely legal: website load testing on request. A real stress test, hence the name stresser. Separating the websites that operate legally from those that allow attacks on third parties is practically impossible, as security expert Brian Krebs points out.
As a result, protection from cyberattacks has become increasingly more important. It is therefore no surprise that cybersecurity costs have risen dramatically: from 3.5 billion dollars in 2004 to an estimated 134 billion in 2017. And figures are set to continue growing: 189 billion dollars are expected to be spent by 2022.
The future (and present) of cybersecurity
At the same time, security techniques are also becoming increasingly more sophisticated. The latest advancements involve security systems based on artificial intelligence, able to spot autonomously if something is going wrong (for example, an unusual number of accesses – which could be the start of a DDoS attack – or a virus starting to compromise the correct operation of the computer systems).
To this end, Darktrace, Spark Cognition, Jask, Deep Instinct and many other companies that operate in the cybersecurity sector use machine and deep learning techniques (learning methods at the base of artificial intelligence), to analyse autonomously how people use computers, how computers interact among themselves, with the outside world and with the data they store. This helps anticipate hacker tactics and prevent any virus that may slip past the normal security barriers from carrying out the attack it was designed for.
These systems, however, are still at an experimental stage and are not always necessary. In fact, more often than not, traditional cybersecurity services are more than adequate to protect small and medium-sized companies from cyber threats; especially if they are integrated directly in the network and do not require installing and regularly updating special hardware and software.
This is the case of TIM Safe Web, which makes use of the potential of the Cisco Umbrella cloud security platform – containing a constantly updated database of the cyberthreats known worldwide – and is available to approximately 600,000 TIM business customers. This way, anti-phishing and malware prevention functionalities are directly integrated into the network; for example, blocking requests from dangerous IP addresses before the connection is activated and preventing browsing on websites created with the sole purpose of collecting financial data or personal details. Cybercrime, as we can see, is evolving and becoming increasingly more dangerous: protection is no longer a luxury but an absolute necessity.