How much did cyberattacks cost organizations in 2018?

In today’s day, it has become common knowledge that cyberattacks are dangerous for an organization. However, sometimes, people within the organization can differ on the exact impact of these threats. These differences can often blindside businesses on the total value of monetary and operational losses– without cold, hard numbers to back up the effect of cyberattacks, companies can tend to underestimate cybersecurity, often preferring to prioritize their budgets to other things.

Every security expert will state that this can often be the first step to a disaster.

While there are no guarantees to cybersecurity, it’s obvious that a business which spends more time and investment in protecting its perimeters has a better chance of protection against the rampant cyber threats that exist in today’s times, rather than, say, another enterprise which hasn’t taken its cyber protection that seriously.

Seqrite is sharing numbers from different reports and surveys around the world about the impact and cost of cyberattacks so that they act as an eye-opener for stakeholders to understand clearly that cyberthreats have a deep impact on the overall business functionality.

These numbers and descriptions should illustrate the real danger enterprises face, both financially and on the reputation front if cybersecurity is not taken seriously.

Cyberattacks: The numbers

In July 2019, the Online Trust Alliance, a component of the Internet Society (an American organization committed to leading Internet standards, access and policy) dedicated for the promotion & security and privacy best practices, released its 11th Cyber Incident & Breach Trends Report, providing an overview of cyber incidents in 2018. Some of the key findings from the report were:

• It was estimated that there were more than 2 million cyber incidents in 2018 and even this number is likely to be a rough estimate for the actual number
• The financial impact of all these incidents was at least USD 45 billion
• The main types of attacks were (in terms of number of incidents) cryptojacking, ransomware, breaches, supply chain attacks, Business Email Compromise (BEC)
• Cryptojacking attacks saw a marked increase in 2018 which indicates that attackers are continuously innovating and finding new attack vectors

Large companies bore the brunt of some of the biggest cyber attacks the world saw in 2018.

Marriott

Among the world’s largest and most influential hospitality chains, Starwood Hotels revealed in September 2018 that up to 500 million hotel guests’ information had been stolen in a data breach. The attackers stole a huge array of Personally Identifiable Information (PII) leaving the hospitality chain in the midst of a big crisis.

British Airways data breach

As one of the oldest and most well-known airlines of the world, there was a sense of concern when British Airways announced that 380,000 card payments on its website were compromised during a 15-day period between August 21^st and September 5^th.

Details like name, email address, credit card information like number, expiration date and CVV code were stolen. While it did not affect flight operations, it caused a lot of anxiety and concern for customers who had booked flights in the intervening period

Facebook-Cambridge Analytica data breach

Facebook’s troubles had emerged earlier in the year, in March, when the news erupted of the Cambridge Analytica scandal. According to investigations made by the American and the British media, Cambridge Analytica stole personal information from 50 million Facebook user profiles.

This was done by getting users to submit answers to a personality prediction application by a psychologist from the University of Cambridge Aleksandr Kogan. This application needed users to login using their Facebook account and gained access to their profiles, locations, likes and other personal data. It also gathered data on the friends of the users who downloaded the application.

This data was then sent to Cambridge Analytica – which is a violation of Facebook’s terms of service – which created psychographic profiles on 30 million of these profiles, to influence voter behaviour for its clients. This news caused a huge uproar over the world with Facebook being investigated by authorities of several countries and many angry users even starting a ‘DeleteFacebook’ hashtag on social media.

It is quite obvious that cyber attacks can have a significant impact on enterprises. To protect against them, enterprises can consider powerful & efficient security solutions like Seqrite’s Endpoint Security (EPS), mSuite and Unified Threat Management (UTM), to provide a layer of defence against advanced cyberthreats.