How to Survive a DDoS Attack (and Save Millions)

Cybersecurity has inevitably become an increased priority since the mid-'90s for governments, organizations, and even individuals. Undoubtedly, it has gained more attention with each passing year. In fact, about 30 years later, we are looking at a shocking estimate of $10.5 trillion as the expected cost arising from cybercrimes by the year 2025. To put that number in perspective, it could account for approximately 10% of the world's overall GDP, which is expected to be $116.4 trillion in 2025 according to IMF forecasts.

At the same time, there is a major challenge in human resources on a global scale, as the demand for cybersecurity experts far outweighs the supply. The booming fintech industry exacerbates the need for cybersecurity professionals. Becoming a cybersecurity professional requires more than completing relevant studies; it involves endless training, building experience over years, active participation in related communities, and continuous engagement within the industry.

Shortage of Cybersecurity Professionals

Adding an interesting fact to the problem, 38% of currently employed cybersecurity professionals consider changing or even quitting their careers due to increased stress and pressure in their working environments. These professionals deserve praise for handling such challenging roles with demanding objectives in a dynamically evolving cyber landscape.

To secure your data, it is important to support your Chief Information Security Officer (CISO). One crucial way to support your CISO is by allocating a dedicated cybersecurity budget that allows your team to invest in technology, automation tools, and, most importantly, human resources. Since security professionals require years to develop and mature, the HR department should develop a long-term plan to attract valuable professionals and create an environment that encourages them to stay beyond the average churn rate of 26 months. Yet, looking for cybersecurity service providers who can offer long-term support to your organization is advisable.

Human Error

Another major risk identified by most studies is human error, which is often cited as the main reason for cybersecurity breaches. One of the most comprehensive studies conducted by Stanford University revealed that people most often fall victim to phishing attacks and click on malicious links primarily received through email and social media channels. Many times, phishing emails are so well-crafted that even professionals struggle to recognize that their authenticity is fake.

The good news is that organizations can significantly reduce human error by introducing end-user cybersecurity awareness training every six months and keeping the content updated with the latest trends. It is even recommended to include this training during the employee onboarding process. Many online training platforms offer progress reports, scoring systems, interactive questions, certification programs, and quizzes to make the process engaging.

However, breaches are not always caused by mistakes. There are cases of negligence and, on rare occasions, intentional actions. Detecting, handling, and preventing such events is much more challenging. With today's technology and possibilities, the impact of these events can be reduced to a minimum and, in some cases, almost eliminated.

Compromised Endpoint Devices

The next biggest risk after human error is a breach caused by a compromised device. The post-COVID era has led to more people working from home or remotely, exposing corporate devices to additional threats. Many organizations even allow 'bring your own device' (BYOD) policies, which pose further challenges in terms of protection, as these devices are not organizationally owned and are considered personal.

Information security professionals often face discussions regarding BYOD, with executives demanding exceptions to the default company information security policies. These exceptions are often justified by the need for a more flexible working environment and the urgency and impact of executive access. However, these exceptions can lead to compromised executive devices, which should be avoided.

Service Disruption

In a previous article, we discussed how DDoS attacks target Forex Brokers and aim to bring down their apps and portals. These attacks are often accompanied by ransom demands, such as in the case of FXStreet. Ransom DDoS attacks remain a trend, along with ransomware. Therefore, service disruption caused by such events is still one of the highest cybersecurity risks that Forex Brokers face in 2023. Although most attacks can be mitigated relatively easily, organizations must be prepared for larger incidents that may eventually reach them. The best course of action is preparation. Having a protection and mitigation strategy in place is not always sufficient. Testing readiness and response plans are crucial to ensure they work when needed.

Data Leakage

In cases where all information security policies, controls, and measures fail, Forex Brokers are exposed to the risk of data leaks. Not all data leakage happens maliciously; often, it can occur due to simple mistakes or accidents. However, it is one of the worst scenarios in a cybersecurity incident, as it can cause serious reputational damage to the affected organization, resulting in loss of revenue, loss of customers, or even fines issued by regulators.

Data leakage is often part of a larger breach, such as a ransomware attack, where cybercriminals demand a ransom for not publishing the exfiltrated data. According to IBM's 'Cost of a Data Breach 2022' report, the average ransomware attack cost is $4.54 million, excluding the ransom itself. Protecting an organization against data leakage is one of the biggest challenges information security professionals face.

One of the challenges faced is that authorized users who access sensitive data can cause a leak due to mishandling, negligent storage in unsecure places, or even intentional theft. Restricting access to sensitive data based on the 'least privilege' principle helps limit access to only what is necessary for users to perform their jobs. However, additional protection mechanisms, such as data encryption and data leakage prevention systems, often negatively impact the workflow performance of users.

Interestingly, the report mentioned above introduces statistics related to supply chain attacks, another notable rising risk that Forex Brokers face.

Supply Chain Attacks

As organizations shift workloads and services to cloud and software-as-a-service providers (SaaS), they inevitably increase the attack surface of their own services and data. While reducing IT costs along with overheads by eliminating server rooms and the appeal of IT infrastructure, many don't realize that suppliers, service providers, and SaaS providers do not always follow the same security standards as typical organizations.

Some notable examples of supply chain attacks include the breach of SolarWinds, where attackers have infiltrated SolarWinds' build systems and inserted malware, which then spread to customers as part of a legitimate software update. Another case is the supply chain attack on 3CX, a VoIP provider whose software was corrupted by North Korea-linked hackers, potentially infecting hundreds of thousands of customers. These incidents demonstrate how a single group of hackers can use one software supply-chain attack to carry out a second one, creating a supply-chain domino effect.

Wrapping up, remember Rome was not built in a day. Establishing a solid information security strategy takes time, experience, and maturity. Organizations need to shift their focus to the cybersecurity landscape, invest in it, understand emerging threats and risks, and work towards ensuring a secure digital future. Cybersecurity is an endless cat-and-mouse game, both inevitable and unfortunate. However, a team of experts can fully assist you throughout this journey.