Gorodenkoff/shutterstock.com_680075008
6 December 2024news

Captive execs warned on growing cybersecurity threat

Both people and companies need to be prepared for attacks by hackers and ransomware attackers, delegates at Cayman Captive Forum 2024 have heard. 

At the Cayman Captive Forum 2024, Jon Engstrom from Intel Techniques delivered a keynote address on the morning of the last day of the event, detailing the critical realities of cybercrime and its implications for corporations and individuals alike. His keynote highlighted the alarming escalation of ransomware attacks, the evolving ecosystem of cybercrime, and the urgent need for organisations to bolster their defences. 

Engstrom painted a sobering picture of the financial toll ransomware imposes on organisations. “For any large corporation, the average damage is upwards of $10 million in the long term,” he stated. However, he revealed that this figure often underestimates the true cost. Citing the infamous ransomware attack on the city of Atlanta, he explained: “It was reported they lost $10 million, but behind the scenes, the actual loss was closer to $40 million.” This dramatic escalation stemmed from lost infrastructure and productivity. 

“When systems don’t work, businesses can’t bill or collect revenue. Costs persist, but income halts,” he added, underscoring how ransomware cripples organisations at their core. 

Engstrom introduced attendees to the shadowy world of organised cybercrime, which now operates with the sophistication of legitimate enterprises. “You don’t need any skill to launch an attack anymore,” he warned. “For $200, you can get the code off the dark web, pay $5 in Bitcoin for someone to craft an email, and you’re ready to go.” 

These "crime-as-a-service" businesses mimic legitimate firms, complete with accountants and polished websites. “It’s almost mainstream,” Engstrom noted, highlighting the irony of these illicit operations adopting corporate practices. 

The depth of their operations is staggering. “These forums trade and sell everything—phone numbers, emails, passwords, even screenshots of your desktop,” he said, showing screenshots from criminal forums to emphasise the scale. 

A particularly insidious tool Engstrom discussed was "stealer logs." These malware programs infiltrate a victim’s device, silently harvesting data, including passwords, emails, and even screenshots. “It’s a skeleton key to your computer,” he warned, explaining how this data is later sold in bulk for as little as $5 in Bitcoin. 

Victims often remain unaware for months, allowing attackers ample time to exploit their stolen data. “This is why we say, ‘Think before you click.’ A single misstep can lead to months of data being siphoned off without your knowledge.” 

Engstrom also described how cybercriminals strategically select targets within organisations. Vendors, IT administrators, HR departments, and C-suite executives top the list. 

“Vendors are appealing because their security standards are often lower than the parent organisation,” he explained. IT administrators are targeted due to their extensive access, while HR staff are chosen for their trusting nature and access to sensitive employee data. C-suite executives, he noted, are prime targets because of their high levels of privilege and busy schedules, which create opportunities for exploitation. 

Sophisticated tactics like spear phishing and impersonation are increasingly common. “We stalk our targets online, craft tailored attacks, and exploit any weakness,” he admitted. Engstrom emphasised the role of urgency in phishing emails, noting, “Anything that creates a sense of urgency and asks you to click is almost certainly a phishing email.” 

Perhaps the most chilling insight was Engstrom’s description of cybercriminals’ ethical void. “They will do anything to make money, even if it means killing people,” he said, referencing attacks on hospitals during the COVID-19 pandemic. Hackers targeted respirators, leveraging desperation to extract ransom payments. 

“We need to stop thinking these people have limits,” he stated emphatically. 

In closing, Engstrom urged organisations to prioritise education and vigilance. “If we could get everyone to think before they click, successful attacks would drop dramatically,” he said. He also stressed the importance of robust cybersecurity policies and employee training. 

The message was clear: in a world where cybercrime has become a thriving industry, organisations must stay vigilant, adaptive, and proactive to protect themselves and their stakeholders. As Engstrom poignantly put it, “It’s not just about securing data; it’s about securing our future.” 

Did you get value from this story?  Sign up to our free daily newsletters and get stories like this sent straight to your inbox.