Security fraud had already been alerting companies since before the start of the pandemic, sector studies reported that damages from cybercrime can reach the US $ 6 trillion by 2021, which would be equivalent to the GDP of the third-largest economy in the world. world.
Organizations, after what they have experienced in the pandemic, have great learnings in terms of cybersecurity and should be thinking about how to incorporate them. The region increased by 139% in the number of unusual transactions, considered as suspected fraud so far this year, which requires a gigantic effort to detect and contain them. Companies with risk-based authentication (RBA) strategies or those with adequate validation schemes fared well; but for those that are just defining their protection model, their vulnerability is a clear concern.
During the second quarter, there was a 24% increase in electronic fraud attempts, for the third quarter of the year, there was an additional increase of 18%. Phishing figures rose to 38% during the last three months and the development of websites that induce users to contact a phone number where the fraud is carried out, grew 174%.
Connections made from cloned sites of legitimate pages, which for this same reason are suspected of phishing, rose 254% in April, in July their growth reached 304%, and by August it stabilized at 37%. On the other hand, the connections made to legitimate sites added 26% more for the month of April.
The world is facing a growing problem, Ransomware, attacks directed at companies of any industry or size, even government entities, whose main objective is the hijacking of information for a subsequent economic rescue. Data in the industry dictate that about 40% of companies pay ransoms and approximately 15% never get their information back, and the cost associated with these attacks is in the millions of dollars.
Organizations generally use VPN solutions (Virtual Private Networks) to connect to their remote resources through public networks; which represents a risk, mainly because they have major deficiencies in the way they insecurely store authentication and session cookies in memory.
In addition, their main objective is not to be a security tool and they present great logistics and procurement challenges.
Given these levels of vulnerability, the most complete solution is the Software-Defined Perimeter (SDP), which enables business transformation by implementing Zero Trust principles. Its main benefit is that it guarantees that the interconnectivity of resources, both internal and external, are protected.
Threat analysis, which includes intelligence, controls and takes into account contexts and above all the flexibility of the cybercrime business and new realities, will be the appropriate new need for the protection of cybersecurity in organizations.
As never before, companies must include cybersecurity in their DNA. The little planning, cyberculture and its low investment will bring devastating consequences. The more users and devices are connected, the risks associated with electronic fraud and cyber attacks will be a recurring headache.