RISK MANAGEMENT

From Malware to Phishing: The Finance Professional’s Guide to Cyber Crime

In May 2017, computer users around the world were greeted with a worrying red screen and a message demanding the payment of up to US$600 in bitcoins to unlock their computers. This was “WannaCry,” one of the biggest ransomware attacks in history.

It is estimated to have caused around US$4 billion in damages, hitting around 200,000 targets, including the UK’s National Health Service and Spanish telecoms provider Telefonica.

Malware attacks are one of the fastest-growing areas of cyber crime. It can cause damage in various ways, including shutting down computer systems until a ransom is paid, or destroying operational systems

In Aon’s 2017 Global Risk Management Survey, cyber risk was rated a top five global risk. In 2016, it cost the global economy an estimated US$450 billion and resulted in around 2 billion stolen records – including over 100 million US patient records. By 2019, losses could hit US$2 trillion – more than 2% of the world’s economy.

Companies, and their leaders, are aware of this. But while it’s one thing to admit there’s a threat – it’s another to actually address it. And as our lives become increasingly digitized, the onus will be on us to understand exactly what types of cyber threats are out there.

Types of Cyber Crime

Classifying cyber attacks isn’t straightforward, as one attack will often combine several methods. For instance, a social engineering attack may result in a USB stick infected with a computer virus being connected to company systems.

Because cyber threats and methods can overlap and mesh together, the following categories may not always be completely cut and dried. However, they do give a good indicator of the range of attacks and hostile tactics that organizations have to deal with.

Malware. Malware is a term that covers a wide variety of computer viruses. Any malicious code that finds its way on to a system with the aim of impeding the operator’s interests is classified under the malware umbrella. Adware, spyware, ransomware, worms, viruses and bots are all types of malware, and can all make their way into a network in a variety of ways.

Malware can cause damage in various ways, including shutting down computer systems until a ransom is paid, or destroying operational systems. Malware attacks are one of the fastest-growing areas of cyber crime, with a sharp jump in the number of organizations affected – the number of ransomware attacks alone increasing 167 times year-on-year from 2015 to 2016.

DoS. A Denial of Service (DoS) attack occurs when an attacker overloads a network with excess traffic, causing that system to shut down.

One particularly prominent trend is the Distributed Denial of Service (DDoS) attack, when a multitude of different viruses all visit a network at once – making it impossible for the victim to manage the attack by simply blocking individual users. In late 2016, a DDoS attack took down a significant portion of the internet, including Netflix, CNN and Reddit.

Financial gain isn’t always the motivation behind DoS attacks. They could be launched to disrupt or sabotage operations or cause significant business interruption.

The average DDoS attack costs a business around US$2.5 million. 

  • 1
  • 2
  • 3
  • Next page

Related Articles

Research finds that 80% of Asia Pacific organizations are at the bottom rungs...
The data breach at US consumer credit bureau Equifax holds lessons for...
The WannaCry and NotPetya ransomware cyber attacks are not going to be last...
New uncertainty in Southeast Asia as terrorism attacks explode in Indonesia and...