Corporation Service Company (CSC), the leading provider of corporate domain management and online brand protection services, today announces the three biggest cyber threats digital brands will face in 2017 – and how to manage them.
- Distributed Denial of Service (DDoS) attacks are set to increase in 2017. This now common form of cyber-attack floods servers with traffic which consequently overloads networks. DDoS attack activity increased 85% year on year in 2016, whilst Deloitte recently estimated there will be on over 10 million DDoS attacks in total this year.[1]
Worryingly, 50% of businesses worldwide have no countermeasures against DDoS attacks, presenting an irresistible opportunity for cyber criminals to attack businesses in 2017.[2] To reduce this risk, businesses must consolidate all domain names onto a single DNS platform and start adopting a DDoS protection / mitigation service.
- Email phishing scams are one of the biggest threats brands face today. Research shows that phishing attacks currently cost brands $4.5 billion a year, with customers 42% less likely to do business with a company that has fallen victim to an attack.[3] Because these attacks happen in an instant, they are difficult to defend against and are likely to increase this year.
In response, businesses need to improve staff training, showing them how to identify phishing emails, and start subscribing to email fraud protection and email takedown services that provide threat assessments and blacklist offending URLs.
- Expiring Secure Sockets Layer (SSL) certificates – designed to secure online payment transactions – are putting both brands and consumers at risk of cyber-attack. The cost of expiring SSL certificates is significant; according to a recent survey, the average multinational company spends $15 million to recover from the loss of business due to a certificate outage and can face a further fine of up to $25 million from regulatory bodies.[4]
CSC recommends following three simple steps to ensure brands do not fall victim to this kind of attack. First, audit all existing certificates and cross-reference them with your live websites. Next, consolidate certificates onto one platform, making the certificates easier to manage. Last, develop and implement a policy and process to ensure all certificates are managed effectively in the future.
Ken Linscott, Director Cyber Security Services, CSC says:
“The days when businesses relied on lock and key to keep their assets safe are long gone. Today, it’s cyber security systems which are responsible for keeping criminals at arm’s length. This reality has finally been recognised by Governments across the globe, with both the UK and US investing heavily in national defences against cyber-attacks.
The problem for corporations is that it’s ridiculously easy for anyone with a grudge or criminal intent to target a brand and launch an attack. You don’t need a degree in computer science or to spend lots of money – the tools used to launch these attacks are readily available and simple to use. It’s not a question of ‘if’ you will be targeted but ‘when’. Our advice is to ensure the threats and consequences to your business are truly understood at board level as these are decisions that can make or break a brand.”
[1] Deloitte Tech Trends 2017, p6
[2] http://www.itpro.co.uk/security/23749/ddos-attacks-remain-key-threat-with-only-half-of-companies-prepared
[3] https://www.emc.com/emc-plus/rsa-thought-leadership/online-fraud/index.htm
[4] http://www.csoonline.com/article/2987186/browser-security/expired-certificates-cost-businesses-15-million-per-outage.html