It can be hard to conceptualize the impact of a cyber attack on a personal level. People typically imagine an ominous hooded character in a dark room illuminated by a computer screen’s blue light, threatening to destroy or exploit data unless a targeted corporation surrenders millions of dollars. What they don’t realize is, breaches to critical infrastructures could inconvenience them at best, and endanger their lives at worst.
Ransomware has increased by 150% since 2019, and the amount paid by victims increased by over 300% in 2020. With the onslaught of ransomware sweeping the globe in recent months, particularly disturbing some of the United States’ most critical infrastructures, the cost of cyber attacks to everyday citizens is glaring.
A ransomware attack on Colonial Pipeline in May forced a shutdown of the pipeline, causing a fuel shortage and disrupting the lives of millions of east coast Americans and the operations of first responders, ambulances, and airplanes. In June, the world’s largest meat manufacturing company, JBS, was hit and paid $11 million in ransom as its meat processing plants were knocked out and ⅕ of the United States’ meat supply was at stake. In July, hundreds of grocery stores closed in Sweden and schools were knocked offline in New Zealand as part of 800 to 1,500 businesses impacted by a breach to one IT firm, Kaseya.
Price surges, halted transportation and education systems, and even worries of compromised legacy medical hardware in healthcare prove that ransomware has become a public issue and national security threat.
Since the start of the pandemic, cybercrime has increased by 600%. Cybercriminals take advantage of new vulnerabilities and wreak more havoc than ever on individuals, businesses, and whole economies.
Why is ransomware increasing now?
1. Cybersecurity is price prohibitive to most businesses that were a part of the mass adoption of cloud infrastructure.
The uptick in ransomware is primarily due to cloud and SaaS applications’ accelerated adoption across several industries over the last year and the cybersecurity industry’s failure to accommodate these shifts. Even in the midst of digital transformation, cybersecurity software continues to be unreasonably costly and thus exclusive to large corporations, and simultaneously takes advantage of clients by not applying automation to basic cybersecurity processes.
The adoption of new SaaS applications modernize businesses but comes at a cost - vast new security vulnerabilities that most firms aren’t equipped to secure. SaaS platforms are no longer just a luxury to help boost productivity and efficiency. They are critical to business operations - including in small and medium-sized businesses - since the pandemic and the hybrid remote work economy.
80% of businesses can’t afford proper cloud security because the tools on the market cost tens of thousands of dollars. On top of that, utilizing these tools requires technical hires with six-figure salaries. Over ⅓ of small and medium-sized businesses don’t have an IT or security owner, positioning them as low-hanging fruit for hackers.
As for the firms with security personnel in-house, their security teams are being bogged down by the menial work required to set up and maintain new cloud infrastructures. Bandwidth for analyzing insights and proactively monitoring environments for potential threats is suddenly minimal. At the same time, cross-departmental information-sharing, requests for heightened access to data, flexible working hours, and other behaviors that were considered risky a year ago are now normalized, making security professionals’ work more challenging as they need to chart new threat models and risk indicators. In short, security professionals can barely keep their heads above water.
The way the industry is operating is so unsustainable that government-mandated security wouldn't make a dent in the amount of ransomware cases we are to witness.
2. Cybersecurity is an understaffed industry because of digital elitism.
The mass exodus to the cloud and the talent shortage of 500,000 unfilled cybersecurity roles create a perfect storm for ransomware groups. Cybersecurity suffers from a skills shortage and a lack of desire from people to join the industry. Cybersecurity tools require expertise that only highly technical people have, and those people pursue software engineering careers. Only a small percentage of cybersecurity work is interesting at the moment, as most of it is basically data entry in a higher tax bracket.
The talent shortage and fatigued, overburdened IT staff are the products of antiquated cybersecurity technology. Current tools on the market fail to effectively support companies’ security efforts because they’re too expensive, gate kept by being overly complex, and lack transparency in terms of situational awareness into cloud environments.
Without accessible and proactive new technologies, cybersecurity will fail to combat cyber criminals
Cybersecurity technologies today utilize machine learning and keep security teams focused on incident response but don’t allow for predicting future threats, which isn’t sufficient. Teams should have the tools to automate humdrum work like data plumbing so they can detect threats before it’s too late and the damage has been done.
Machine learning alone will not stay the course. Natural language processing and artificial intelligence will make it possible to instantly gain visibility into a business environment, detect insider threats, and evaluate the impact of emerging cyber threats worldwide.
Instant cybersecurity data intelligence will also pave the way for more diversity and inclusion in cybersecurity, resolving the skills and talent shortage. When tools are efficient, affordable, and accessible to all including non-technical people, cybersecurity can diversify its pool by hiring folks from different educational backgrounds. New technologies will directly foster diversity while leveraging skills unique to humans, such as problem-solving and critical thinking.
Businesses of all sectors and sizes should have access to the support they need to have instant, full visibility into their environments, detect threats ahead of them becoming havoc and know the minute they’ve been exposed, and understand the impact and which actions to take in the event of a breach.
