How Cybercrime and Economic Uncertainty Intertwine

Businesses and consumers aren’t alone in feeling the pressures of a troubled economy. During a period of economic uncertainty, even cybercriminals feel the pinch as cryptocurrencies - critical for receiving ransomware payments and storing illicit funds - drop in value. This has led threat actors to become even more brazen and voracious in their efforts, driving a massive increase in the frequency and severity of financially motivated cybercrime as they identify new income streams and continue to exploit cybersecurity gaps for profit. 

Cybercriminals’ heightened activity is clear in the growth of ransomware-as-a-service, a business model between ransomware operators and affiliates in which affiliates pay to launch ransomware attacks developed by operators. We’ve also seen growth in the weaponisation of data as extortion becomes the most common cybercrime tactic. In the coming year, it’s predicted data extortion will surpass traditional data encryption and enable threat actors to repeatedly victimize organizations with tactics such as double or triple extortion and lock-and-leak operations. 

Organisations will be exposed to more threats as the volume and complexity of cyberattacks continue to rise. In Asia Pacific and Japan (APJ), cybercrime accounted for 33 per cent of all intrusion campaigns by attack type according to CrowdStrike’s 2022 Falcon OverWatch Threat Hunting Report. The CrowdStrike OverWatch team tracked a 60 per cent increase in interactive intrusions year-over-year in APJ compared to 50 per cent seen globally. 

Businesses in the APJ region need to be aware of these specific threats in order to prevent devastating financial and reputational loss from a data breach. According to CrowdStrike’s 2022 Falcon OverWatch Threat Hunting report, the industries most frequently targeted in this region include telecommunications, technology, manufacturing, retail and academia; however, in reality all businesses need to be more proactive and vigilant with their security provisions. 

Fighting Cybercrime in Tough Economic Times

These threats put additional pressure on businesses already struggling amid an economic downturn. Today, organisations have to juggle essential business priorities with fewer resources whilst dealing with an adversary that is more motivated. It’s a delicate balance.

When it comes to cybersecurity, this means trying to secure business operations, workforce, and sensitive data in the most effective way with limited resources. Unfortunately, this environment can lead businesses to consider prioritizing funding for other operational requirements over cybersecurity - a decision that can leave them exposed to dangerous risks.

To protect themselves effectively, organisations should continue to prioritize cybersecurity as a critical component of their business. It is always less expensive to pay for proper cybersecurity upfront than in the aftermath of a breach, which also includes expenses such as cleanup, incident response and forensic investigations, legal repercussions, switching security providers, notifying customers, keeping regulators updated and more. 

With the right strategy, there should not be a trade-off between cutting costs and implementing robust cybersecurity. As we navigate an economic downturn, these are the security priorities businesses need to consider to ensure they remain protected:

Ability to scale: Businesses need to know their cybersecurity partner will be able to support them, take on the burden of responsibility for cybersecurity when required. When the economic tide eventually turns and businesses want to expand their security approach, they are able to increase it quickly and effectively. This means working with a security partner able to provide MDR support and is:

●Cloud-native, eliminating complexity and simplifying deployment to lower operational costs

●AI/ML-powered, providing protection across the entire threat lifecycle as well as instant visibility by harnessing the power of big data through a cloud-based analytics platform

●Easy to deploy, taking advantage of a single lightweight agent that works everywhere, including virtual machines and data centres providing protection when endpoints are offline

Maximum value: Businesses often juggle multiple security solutions across their environment - a cumbersome and ineffective approach. Oftentimes, these solutions positioned as ‘free’ become expensive very quickly. This is due to the unforeseen extras to make it effective such as having to support multiple consoles and agents or requiring frequent updates and companion software to ensure it can operate. 

It’s more efficient to consolidate tools into a single platform, or at least minimize the number of vendors they work with using solutions that seamlessly integrate. They must focus on value not only in terms of dollars, but in terms of efficiency and success. 

Full visibility: Businesses should have full visibility of their security solutions. This is essential when it comes to managing external attack surfaces, as well as rapidly remediating breaches. Achieving full visibility across the technology stack can be a challenge, especially if certain parts of the stack are from a recently acquired business or spread across multiple locations. This is particularly important today as more businesses look to transition applications, workloads and data to the cloud. They need to: 

●Eliminate blind spots associated with unmanaged or unsupported legacy systems or via their supply chain

●Minimise risk with asset inventory combined with advanced behavioral analytics to help identify and mitigate potential risks associated with connected devices and networks

●Continuously monitor assets in real time to pinpoint unsupported and unmanaged devices that could lead to a breach

Seeking skills: Another challenge specific to an economic downturn is the potential headcount freeze. It’s difficult - sometimes impossible - to bolster a security team when you can’t take on new members. The best solution to this, for both large and small businesses looking to strengthen their security posture, is to outsource and adopt a managed detection and response approach. This way, a business benefits from the right skills and the appropriate coverage of a proper security team and stack without taking on new headcount.

Turning the tide

It is vital for businesses to not mistake cost for value when it comes to security. Good enough and cheap should not be part of a security conversation. The best and most valuable cybersecurity solution for any business today is one that stops breaches, and organisations need security that works.