Cybercrime is on the rise today so it’s not surprising that IT professionals are so concerned. These crimes are costing a lot of money – both in problems caused and in solving the crimes or even preventing them all together. Fortunately, once you understand this cost you can also find some free and inexpensive tools that will protect your business. It’s a complex situation that must be addressed from every side of the issue.
Why Cybercrime is on the Rise
Many people are quite surprised to learn just how extensive cybercrime really is, especially since it’s a relatively new issue. In fact, BMC says that in 2015 under 1% of mobile devices were affected by data breaches. Today, data breaches affect more than three-fifths of mobile devices, which is an increase of 29%. This has happened in several different ways, including:
- Embedding malware in legitimate applications
- Targeting poorly secured Wi-fi networks
- Stealing passwords and other types of sensitive data
- Exploiting unauthorized products with weak security controls that are found in the cloud
The Cost of Cyber Crime
With such vast amounts of cybercrime occurring today, you shouldn’t be surprised to hear that CNBC discovered this “cost the global economy over $450 billion” in 2016. This is because cyber threat intelligence says that over 2 billion personal records and over 100 million medical records were stolen in that year alone.
Forbes has studied patterns in cybercrime. They believe that the crime quadrupled between 2013 – 2015 and will do so again between 2015 – 2019. This is blamed on the rapid digitization of consumers lives, which many experts believe will cost $2.1 trillion by 2019. When you look at these numbers you’ll see that this is quadruple the cost of cybercrime in 2015.
Must-Have Ingredients for a Healthy Security System
When you look at how rampantly cybercrime is growing, you’ll want to do something to protect your business. Fortunately, SolarWinds MSP tells us this doesn’t have to cost us a lot of money. In fact, there are a lot of things we can do for free, or inexpensively, that form the basis of a balanced and healthy defensive security diet. As you begin you’ll want to make sure you look at these free items:
- You need to take your offensive security seriously as this mindset will really help you ward off cyber attacks. Kali Linux is a free open source threat intelligence tool. It’s an all-in-one penetration testing platform with a Linux operating system that incorporates over 300 penetration testing and security auditing programs. This allows you to test how good your risk mitigation is.
- Most hackers use Nmap, a tool that you can use too. This is a network scanner that maps a whole network to see what’s connected to it. Security audits conducted by this tool is used to provide details on network discovery, port scanning, service enumeration, vulnerability mapping and even exploitations. Once it finds these things it also tells you what software and hardware versions cybercriminals are using. For these reasons, you’ll want to build Nmap into your security team DNA.
- AlienVault is known for developing open source solutions for cyber attacks. One of the products they have is the Open Threat Exchange (OTX) database that monitors DNS registration and SSL certificates so if your public IPs and domains are under a threat you’ll know as soon as possible. All you need to do is install Reputation Monitor Alert so you receive the necessary alerts when they do occur.
- Scanning lies at the heart of any good cybersecurity system. Although this is a routine measure, it’s one that you’ll want to make easier by saving often used scans and being able to search through your database of scan results so you can easily manage comparative analysis. All of this becomes much easier with Zenmap, which is a GUI by Nmap. This tool is easy enough for beginners and yet appealing enough for advanced users to appreciate.
- A great network protocol analyser, Wireshark shows you exactly what’s happening on your network – as if it were under a microscope. This tool is both multi-platform and multi-talented. It comes with a GUI that’s easy, yet powerful. With it, you’ll have great insight into protecting your network as you can watch the traffic flow through it.
- When you want to discover and capture (or crack) WiFi WEP and WPA-PSK keys you’ll want to use Aircrack-ng. This tool implements the same standard FMS attacks, as well as some other optimized attack scenarios that cybercriminals use. Once it captures enough data it ‘recovers’ the keys. Of course, this only works if your wireless networking is weakly configured and authenticated.
- Any business that needs to explain just how important network security intelligence is when it comes to cybersecurity should use ThreatFinder to do so.
After you get started, you may want to slowly start investing some money into this part of your business. There’s one tool you’ll definitely want to make your first monetary investment in – Metasploit. The reason why this tool comes so highly recommended is that to stop cybercrime you must think like a cyber criminal. This allows you to understand what they’re doing and be on the lookout for tools that will stop them dead in their tracks. With Metasploit, you’re getting a penetration testing tool. It simulates real-world attacks so you can find weak points in your business before a cyber attacker uses this vulnerability to their benefit.
Clearly, cybercrime isn’t something you can avoid because it’s not going anywhere today. If anything, you need to start investing in your business’ security immediately. Hopefully, now you have a good idea of how you can do this today.