How much do you think access to your company is worth? More specifically, how much does it cost to break into your company?
In the Middle East, Turkey and Africa (META) region the average price is just $2,100, says cybersecurity firm Kaspersky, which goes up to $4,000 in other parts of the world.
No wonder 1,270,617 user accounts in South Africa were hacked in 2021/2022, according to the company’s research, after their devices were infiltrated and their details posted on the so-called dark web. This is the unseen internet where drug dealers, child pornographers and other criminals lurk, using these hard-to-find servers, chat forums, instant messaging services and sites for their nefarious activities.
“Sensitive data stolen from companies during cyberattacks often ends up on dark web markets and forums … Not only corporate data itself is for sale, but also the information necessary for access to corporate networks to organise that attack,” Yuliya Novikova, Kaspersky’s head of security services analysis, says.
As cybercrime evolves, criminal syndicates steal login details, and then offer them for sale to others who want to carry out attacks — often using ransomware.
The average cost for access to corporate systems is in the $2,000-$4,000 range, which is “relatively inexpensive compared with the possible damage to the targeted business”, says Novikova. “Such services are of prime interest to ransomware operators, whose profit may reach tens of millions of dollars a year.”
Such services are of prime interest to ransomware operators, whose profit may reach tens of millions of dollars a year
— Yuliya Novikova
However, the access details of many companies and institutions can be bought for less than $1,000, he says.
In the past two years in the META region the cybersecurity firm found access details for more than 100 companies with average revenue of $500m for sale on the dark web.
“While the dark web seemed impossible to control in the past, now the situation is changing,” says Novikova. “Businesses can act to give fraudsters less opportunity to make dark web profits out of their data. Organisations should protect their data from being stolen with strong data security practices, including data encryption and educating employees on how to avoid accidentally giving cybercriminals access.”
Or, as Eugene Kaspersky, the company’s CEO, recently put it on Reddit: “Stop trusting everyone on the internet.” Speaking at a Kaspersky security summit last month, he said cybercriminal gangs known as advanced persistent threat (APT) operators are getting more sophisticated.
“There are more and more criminals and hackers joining the cybercrime business and more and more people developing malware,” Kaspersky said. “These are huge numbers. The numbers are scary, and it’s getting bigger. Cybercriminals are more active and there are more people in this business.”
The increase in such groups is concerning: “Five years ago, we had about 100 APT groups. Right now, it’s about 900. Most of them are state-sponsored and use espionage tools,” he said. “Three years ago, we had 340,000 new malicious applications every day. Now we have more than 400,000 new unique malicious files. It’s our daily catch.”
The problem is that the world is much better connected than it was during the dial-up internet days. Such ubiquitous connectivity makes it easier not just for the average person to get online but also for hackers to access businesses and home devices.
“Today’s hyper-connected world requires us to reconsider the way we do cybersecurity,” the Kaspersky CEO said, while the increasing sophistication of the bad actors means it is “unfortunately getting more complicated to protect against these”.
Just under a third of all security incidents in the META region in 2021 involved ransomware, the firm’s researchers found, mostly aimed at the government, IT and industrial sectors.
There was a 34% increase in targeted ransomware attacks in Africa. Globally 53% of malicious penetrations were carried out via public-facing applications, 18% via compromised accounts and 14% via e-mail.
Ayman Shaaban, Kaspersky’s digital forensics and incident response manager, says “in 30% of the security incidents, attackers made use of legitimate tools used by organisations.”
Cybersecurity is now essential for any business, as important as productivity software or talented staff. This is especially true in the context of countries such as China, Russia and North Korea actively encouraging hackers to attack Western targets, or at best looking the other way when they do. As seen in the invasion of Ukraine, cyberattacks are as much part of modern warfare as are armour and missiles.
Ransomware is proliferating across the world, and companies need to back up their data or risk being at the mercy of cybercriminals. Many desperate and foolish firms attempt to pay the ransom — always in cryptocurrency — but the hackers seldom keep their side of the bargain. Why would they stop blackmailing a victim foolish enough to pay the first time?
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.