Cybercrime, a new threat to the economy

Cybercrime has been on the rise since the beginning of the health crisis. Attacks intensity and violence has picked up, resulting in significant financial losses, business interruptions and damage to the reputation of the targeted entity.

The protection of computer data is becoming an issue for any digitalized company, regardless of its area of expertise. The goal is to protect the financial and personal data of the company, its employees, collaborators and customers.

Cybercrime: wider field of attack in 2020 and 2021

Originally very active in the health sector, cyber criminals have expanded their activities. With the digitalization of companies, criminals are targeting the financial sector, government agencies, cities, non-governmental organizations, …

The health sector, an easy target for cybercriminals

CybercrimeCyber-attacks against healthcare institutions have been booming throughout 2020, becoming the privileged target of hackers due to the fact that they:

  • are under the spotlight due to the pandemic,
  • are managing sensitive patient data,
  • are willing to pay large sums to recover stolen data,
  • are vulnerable to attacks and do not have a budget dedicated to IT security.

Hospitals, pharmaceutical companies and public health platforms are increasingly subject to ransomware attacks. With the state of health emergency, cybercriminals, endowed with their sophisticated networks, are requesting high ransoms in exchange for the return of stolen data.

According to the PwC firm, the number of cyberattacks targeting healthcare facilities worldwide has increased by 500% since the arrival of Covid-19.

In France, healthcare institutions have been the victims of 27 hacks in a few months, at a rate of one attack per week.

The United States is also facing an unprecedented wave of hacking targeting hospital networks in several states such as Oregon, Vermont, Minnesota, California.... In order to recover data and restore health care services, health care institutions had to give in to significant ransom demands.

In Ireland, the Health Service Executive of Ireland (HSE Ireland) sustained a serious attack on 14 May 2021, crippling public health services.

Pharmaceutical companies are not immune to hacker attacks, either. No less than nine major laboratories and research institutes, developing vaccines or anti-Covid-19 treatments, have been targeted by computer raids. Renowned laboratories such as Sanofi, AstraZeneca and Moderna are among the victims.

Prior to the current health crisis, the WannaCry ransomware attacked the British healthcare system in 2017, affecting a third of hospitals and clinics in England.

According to the National Audit Office, WannaCry represents the largest hack to date that has affected the British healthcare sector. In the same year, the Pacific Alliance Medical Center, a hospital in Los Angeles had more than 260 000 patient records stolen.

Cyberattacks, a risk dreaded by the financial sector

CybercrimeAccording to the Chairman of the U.S. Federal Reserve (Fed), cybercrime will become the main threat to the global financial market in 2021. This risk is now more dreaded than a financial crisis of the magnitude of the one that occurred in 2008.

Although the industry has proved to be relatively resilient, a large-scale attack could :

  • disrupt financial markets,
  • cripple the global economy,
  • negatively impact major financial firms: banks, insurers, brokers...

From March 2020 to March 2021, attacks on financial institutions have increased by 38% worldwide. The increase reached 238% between February and April 2020, a period that corresponds to the appearance of Covid-19.

The health crisis has forced companies to resort to remote work to maintain a minimum of activity during lockdown periods. As a result, the financial sector has become more exposed to intrusion risks.

According to a survey conducted by the Bank for International Settlements (BIS) on a sample of 115415 cyberattacks that had occurred between 2002 and 2019, more than a quarter of them targeted the financial sector: large banks and insurance companies.

  • Banking institutions

American banking institutions in particular are in the sights of hackers, they alone account for more than a quarter of global cyberattacks.

In January 2020, a report from the Fed sounded the alarm. A domino effect is to be feared if one or more large American banks are attacked, in which case, the entire banking system could be blocked.

Still according to the Fed, such an attack could affect more than 40% of the American banking system and cause these institutions to lose the equivalent of 2.7 times the country's gross domestic product.

This is indeed a serious and unprecedented threat that is causing concern among financial authorities.

On the other side of the Atlantic, the European Banking Authority (EBA) was, in March 2021, the target of an attack. EBA is among the many victims (between 20 000 and 60 000) of the hacking of Microsoft's business email software.

  • Insurance companies

The insurance industry, too, continues to report an increase in the frequency and severity of cyberattacks in conjunction with increasing digitalization and the use of teleworking.

Two weeks after deciding to stop paying ransomware for any new cyber insurance policy, AXA fell victim to an attack. Ransomware infiltrated its subsidiary AXA Partners in mid-May 2021, affecting its operations in Hong Kong, Malaysia, the Philippines and Thailand.

The American insurer Chubb, a specialist in IT risks, was also targeted in April 2020.

On July 17, 2020, Mutuelles du Mans Assurance (MMA), a member of the Covéa group, suffered a hack that caused the breakdown of its website and shutdown of its management departments for several days. MMA did not give in to the ransom demand, though.

From July 2020 to date, no less than seven other insurers have sustained similar attacks.

Cyberattacks: other hackers’ targets

Industries within the manufacturing and energy sectors are also among the new targets of hackers who are increasingly targeting companies that can afford to pay large ransoms quickly.

The 7 May 2021 attack on the major U.S. oil pipeline system Colonial Pipeline allowed hackers to collect a ransom of 4.4 million USD in a short period of time.

Acceleration of cyberattacks and rising costs

A quadrupling in the number of cyberattacks has been reported in the year 2020.

With teleworking in progress, employees are falling into the phishing trap more easily. Between February and May 2020, more than half a million people had been affected by personal data theft via video conferencing.

For IBM, the average cost of a data breach resulting from telecommuting can be as high as 137 000 USD.

According to LeMagIT, nearly 1630 ransomware cyberattacks have been reported worldwide in 2020, with 615 cases reported in the first quarter of 2021 alone.

The costs have more than doubled in five years, from 445 billion USD in 2015 to 1 trillion USD in 2019, or 1% of the global GDP, according to the cyber security software vendor McAfee and the Center for Strategic and International Studies (CSIS).

0
Your rating: None
Advertising Program          Terms of Service          Copyright          Useful links          Social networks          Credits