ACID Proactive Cyber Protection
ACID performs continuous monitoring of numerous sources and platforms to detect attacks as early as in their planning stage. Real-time, detailed alerts allow you to take action to thwart the attacks or mitigate their consequences.
“Cybercrime is the greatest threat to every company in the world”
IBM’s chairman, president & CEO, Ginni Rometty
Cybercriminals and cyberterrorists are constantly looking for new methods of attack and vulnerable entry points into their victims’ systems.
Cybercrimes cost the world nearly $600 billion each year, equivalent to 0.8% of the global GDP. The continued severity of the problem is evidenced by the rapid growth projection of the global cyber insurance market – from US$ 7.7 billion in 2020 to US$ 20.4 billion by 2025, at a CAGR of 21.2% (Mordor Intelligence, 2020).
Losses to cybercrime are continuing to increase dramatically: According to an FBI report dated March 2022, these losses amounted to US$ 4.2 billion in 2020, and were estimated at US$ 6.9 billion in 2021. In mid-2022, Check Point Research reported that it had detected 50% more attempts per week to attack corporate networks worldwide in 2021 than in 2020. A Positive Technologies study covering organizations in the financial, energy, IT, government and industrial sectors revealed that in 93% of cases an external attacker is able to breach the targeted organization and gain access to internal data. According to Anchore’s Software Supply Chain Security Survey, supply chain attacks impacted 62% of organizations in 2021. A global study indicated that 82% of surveyed CIOs believed that their organizations were vulnerable to cyberattacks targeting software supply chains (Beta News, first half of 2022).
Russia’s invasion of Ukraine in early 2022 was also a significant contributing factor to the threat environment, leading to an 8-fold increase in Russian-based phishing attacks against email addresses of European and US-based businesses (AAG).
Small- to medium-sized companies suffer more than 50% of all cyberattacks (Cybersecurity Ventures, 2021), in part due to their inability to invest the resources required for effective protection that would lower their risks. About 60% of organizations of this size that are hacked or sustain a data breach declare bankruptcy within several months. The most frequent types of attack targeting small businesses are phishing/social engineering (57%), compromised/stolen devices (33%) and credential theft (30%).
In January 2023, Jen Easterly, Director of CISA (the Cybersecurity and Infrastructure Security Agency established to protect all critical U.S. infrastructure), referring to massive attacks on K-12 schools, hospitals and small businesses which she identifies as the engine of the U.S. economy, called them “target rich, cyber poor”.
43% of cyberattacks are directed against small businesses, yet only 14% are prepared to defend themselves (Accenture). Data provided by Ponemon Institute underscores the harsh reality: 66% of surveyed small businesses have experienced an attack in the preceding 12 months, 69% divulged that the attacks were becoming more targeted, and 45% admitted that their processes were ineffective at mitigating the attacks.
Looking ahead, some trends and threats that require an effective response are:
In its 2022 Cloud Security Report, Check Point Software Technologies states that 76% of enterprises are now using two or more cloud providers, and that 35% of organizations have more than 50% of their workloads in the cloud. 29% anticipate that in the next 12-18 months this will increase to up to 75%. According to Gartner, through 2023, “…at least 99% of cloud security failures will be the customer’s fault.” One third of the respondents in Accenture’s survey, as stated in its State of Cybersecurity Report 2021, explained that poor governance and compliance, and the complexity of cloud security coupled with a lack of internal skills, were the reasons for the inadequate level of cloud security in their organizations. This highlights the importance of a comprehensive cloud security policy and its enforcement, and the implementation of effective cloud security tools, with proper employee training.
The proliferation of ransomware
In the first half of 2022 alone, about 236.1 million ransomware attacks were executed worldwide (AAG). In its mid-year security report for 2022, Check Point Software Technologies revealed a 42% global increase in cyberattacks, identifying ransomware as the greatest threat. Ransomware as a Service (RaaS) is of particular concern: In RaaS, cyber criminals execute attacks using the infrastructure developed by expert cyber criminals in exchange for a share of the profit.
Internet of Things (IoT)
The number of IoT devices operating today worldwide is estimated at 17 billion, ranging from the mundane (garage doors, for example) to healthcare devices. According to Microsoft’s Digital Defense Report 2022, IoT devices are a key entry point for many attacks. Unfortunately, the threat is exacerbated by the fact that processes for security updates with patches are lacking, leaving many devices vulnerable. Some experts believe that criminal groups, perhaps also those affiliated with foreign governments, will exploit this weakness at scale. Mario Greco, the CEO of Zurich Insurance Group, in an interview with The Financial Times at the end of 2022, stated that if cyber criminals were to carry out attacks in order to disrupt lives (as opposed to stealing data), the potential threat to insurers could be greater than pandemics and climate change.
Artificial Intelligence (AI) and machine learning (ML)
The use of AI and ML to perpetrate increasingly sophisticated cyberattacks is a concern highlighted by Dark Reading in its article from January 2023. It states that AI can be used to produce more convincing phishing lures, with more variability and in a variety of languages, which can dynamically adjust to the victim’s profile. It furthermore states that security experts have already demonstrated that AI can be used to create a full attack chain, and that attackers could use AI to quickly create fast implants that use the latest vulnerabilities before organizations can patch. Perhaps the greatest concern of all is that AI can be used to function as artificial humans.
For you, the IT security professional, “know thy enemy” is imperative. You may be receiving updated information from various sources provided by threat intelligence companies about methods of attack preferred by hostile perpetrators and the vulnerabilities they successfully exploit. You, like your colleagues, are most likely scrambling to improve defense mechanisms and close gaps to avoid being included in the above statistics. You aim to avoid being a data-breached company that has lost customer confidence and is at serious risk of losing a sizable share of its business.
But even with the most updated information on cyber threats, your actions may be insufficiently effective or too late.
This is where ACID comes in.
ACID, a dark web monitoring and cyber intelligence company, provides real-time information about attacks targeting your organization, even as early as in their planning stage, to enable you to prepare an effective response, mitigate their consequences, and perhaps foil them entirely.
It unleashes clusters of robots and implements advanced AI algorithms to detect the first hints of hostile activity. Once detected, it sends alerts in real-time to the intended targets to enable them to take appropriate advance action. ACID continues round-the-clock monitoring for as long as the threat remains, to collect additional information as it becomes available and update the targeted organization, thus enabling it to fine-tune its response for optimal effectiveness.
The global cost of cybercrime is estimated to reach $10.5 trillion annually by 2025 (cybersecurityventures.com). Yet an IDG Research Services survey revealed that despite increased IT security investments in 2020, 78% of senior IT professionals and IT security leaders believed that their organizations’ protection against cyberattacks was insufficient (as reported by Yahoo! Finance in 2021). The World Economic Forum states that one of the main reasons is the shortage of skilled cybersecurity experts: “There is an undersupply of cyber professionals—a gap of more than 3 million worldwide who can provide cyber leadership, test and secure systems, and train people in digital hygiene.” Some sources claim that the figure is as high as 3.5 million. As an example, while there are about 1.1 million people employed in cybersecurity in the USA alone, there are also 700,000 unfilled positions (Cyberseek). The problem is not limited to the undersupply of professionals; it also extends to their skill level: 95% of cyber professionals believe that the skill gap has not been reduced in recent years, and 44% believe it has actually gotten worse (Information Systems Security Association – ISSA and analyst firm Enterprise Strategy Group – ESG).
To be effective, cybersecurity must therefore rely heavily on automated, state-of-the-art technological solutions. On ACID.
By providing detailed alerts in real-time, ACID allows the targeted organization’s cyber professionals to dedicate their time and effort to taking the appropriate advance action to counter the threat, instead of spending valuable resources to deal with threats once they materialize and inflict damage.
By allowing organizations to prepare for and effectively deal with planned cyberattacks, ACID allows them to maintain business continuity, which not only benefits their revenues, but also protects their reputation and contributes to customer retention.
With ACID, the organization can make the most of its resources, investing them where they are most needed. Even more importantly, it can potentially eliminate or minimize the high financial cost resulting from a security breach – be it the payment of ransom or the cost of restoring normal operation. This is particularly critical at a time when 77% of surveyed organizations worldwide report that they do not have a cyber security incident response plan applied consistently across the enterprise (report commissioned by IBM).
Constant in-depth monitoring
ACID operates 24/7/365, monitoring the clear, deep and dark web for any hint of hostile activity targeting each of its clients. It constantly updates its technological tools to effectively deal with new and anticipated threats and attack methods.
ACID’s solutions are fully automated. Monitoring takes place 24/7/365 with no need for human intervention, and alerts are automatically sent immediately upon detection of a potential threat. Full automation presents a dual advantage: client organizations can rest assured that they will receive information on threats without delay, and they can optimize their response based on new, updated information supplied to them by ACID as soon as it becomes available.
ACID, together with each client, tailors its services to produce optimal results and maximum benefit. Keywords can be easily added, changed or removed, as necessary – at any time.
Intelligence gathering for continuous upgrading
The ACID team gathers and analyzes information concerning new threats and methods of attack on an ongoing basis, also implementing proprietary AI algorithms. We also investigate tutorials that are disseminated among cybercriminals and terrorists, discussions in dark web and deep web forums, and more. Constantly keeping abreast of new developments and analyzing new directions with the most advanced methods at our disposal allows us to keep at least one step ahead of the perpetrators, anticipate new threats and upgrade our detection capabilities.