Cybercrime (And Lightning) Have No Problem Striking Twice
We’ve become aware of a concerning phenomenon: the perception that a business that has already been targeted by a cyberattack, won’t be attacked again. We here to tell you that this is decidedly not the case—in fact, according to cybersecurity solutions provider Crowdstrike, there’s a 68 percent chance a targeted business will see another attack within a year.
Let’s explore just how wrong this assumption is, and what you should actually do about it.
People Assume Data Breaches are “One and Done”
It really is odd; how many businesses seem to act under the assumption that a cyberattack is something that can only happen to an organization once. Like we just said, this is patently untrue—literally two-thirds of businesses were targeted again in the statistic we just cited. However, it may help to take some time and consider where this idea might have come from.
Why Are Disasters Seen as Rare Events?
Just think about it for a moment. We talk a lot about how important business continuity planning is and the various situations that can lead to it: hardware failure, weather events, things like that. With so many routes potentially leading to business disasters, it’s odd to think that such things could be considered outliers… the exceptions to the rules of circumstance, when things just happen to go wrong.
This just isn’t the reality. Let’s take a moment to examine hardware failure, for instance.
Did you know that there is a mathematical formula meant to assist manufacturers in recommending inspection frequency and hardware replacement in specialized systems, like the guidance systems found in modern aircraft? While failures in these systems are relatively (and thankfully) rare, they still need to be predictable. To accomplish this, a process is used to calculate the mean time between failures (MTBF):
- An identical experiment is run on a sample of similar test cases for a predetermined length of time, with the length of time each case operates without fail annotated. If a test case doesn’t experience a failure, they get the entire duration of the test as their value.
- Then, the average operational time of all the test cases is found by totaling up the amount of time each ran successfully and then dividing the total duration by the number of cases that failed.
- This provides the average number of times the test cases failed during the experiment, which are then converted to a more meaningful and appropriate timeframe for practical application.
Of course, this MTBF isn’t a hard and fast rule. Sometimes, hardware will fail sooner, and sometimes, it will last much longer. Again, it’s an average to help guide best practices.
The Same Principle is Found Everywhere Averages Are Found
Take weather events: I know the old saying that lightning never strikes the same place twice, but the Empire State Building would have to disagree. The historic landmark is struck on average (that important word again) 25 times each year. For an even more drastic example, look at Roy “Human Lightning Rod” Sullivan, who was struck by lightning seven times between 1942 and 1977, surviving each time.
Events like these all come down to chance, with different variables inside and outside your business contributing and taking away from the potential likelihoods that various outcomes will realize. Most disasters are just these variables leading to an unpleasant outcome.
Unfortunately, that isn’t how cybercrime works.
What Makes Cybercrime So Different?
Let’s go back to Crowdstrike and the data they produced, where an initial attack had a 68 percent chance of being followed by a second attempt. Unlike the disasters we’ve already gone over, cybercriminals and the strategies they follow don’t operate randomly. Instead, they actively target the best potential victims for their preferred outcome—who better than a business that had proven to be vulnerable before?
Fortunately, the businesses that Crowdstrike was observing managed to avoid the same outcome repeating itself.
What This Should Tell You About Your Cybersecurity
The takeaway here is this: if your organization has already been targeted by a cyberattack in the past, you should fully expect another one to follow… most likely sooner than later. To help prevent this, you need to make sure your cybersecurity weaknesses are all reinforced. Obviously, this includes the vulnerability that let in the initial threat, but you should by no means stop there.
The same can and should be said for businesses that haven’t been breached. Complacency is a dirty word in the vocabulary of cybersecurity. You should act proactively to identify your potential weaknesses and minimize the chance that an attack will be successful before it becomes a possibility.
Whichever situation applies to your business, First Column IT is here to help. Not only can we provide you with comprehensive security solutions, we’ll also be there to keep watch over your network infrastructure to make sure nothing slips past.
To learn more, give us a call at 703-880-6683 and ask.