fbpx
Connect with us

Cybersecurity

Cybersecurity market to reach $300bn by 2027

Yehia El Amine

Published

 on

Cybersecurity market

The beginning of April was considered the worst week for social media firms across the aisle, as news headlines as far as the finger can scroll were swamped with news of billions of user accounts were leaked on a hacker forum for sale.

Leaks affected social networking giants such as Facebook, popular audio drop-in app Clubhouse, and the Microsoft-owned LinkedIn. These are but a glimpse of how businesses across the world and different industries are susceptible to breaches and leaks.

One cannot argue that such data leaks caught the eyes of many, from Big Tech to your everyday consumer, prompting a deeper look into cybersecurity on every scale.

A sentiment not only expressed through feelings of worry but also backed up by numbers.

According to a recent report by Allied Market Research, the cybersecurity market is on its way to reach $304.91 Billion, Globally, by 2027 at 9.4 percent CAGR; a market that had only generated $149.67 billion in 2019.

Drivers, restraints, and opportunities

An increase in malware and phishing threats among enterprises, rise in adoption of the Internet of Things (IoT) and Bring Your Own Device (BYOD), as well as demand for cloud-based cybersecurity solutions drive the growth of the global cyber security market.

However, budgetary constraints and complexities involved in the security of devices hinder the market growth.

“On the other hand, surge in adoption of mobile device applications and platforms, requirement for strong authentication methods, and transformation of the traditional antivirus software industry present new opportunities in the coming years,” the report noted.

Impact of COVID-19 on the cybersecurity market

According to the report, the number of cyberattacks has been increased during the lockdown as many organizations adopted the work from home strategy. “The need to implement cybersecurity for addressing security issues and facilitating secured access increased considerably,” the study stressed.

Not only that, one of targets by hackers were classified as being hospital data, healthcare apps, and wearable devices – which have been increased as the volume of patient data increased. “The need to secure and authenticate data in healthcare organizations surged,” the authors advised.

It is important to note the rise in COVID-19-related phishing and ransomware attacks, which is due to the utilization of the virus as bait to lead brands astray and attack their websites and apps.

“Cybersecurity providers have been focusing on innovations and development of advanced solutions by including features such as cloud security & AI-integrated solutions to deal with new types of viruses and ransomware used by attackers,” the report said.

The solution segment to maintain its highest contribution

Based on component, the solution segment accounted for the largest market share, contributing to more than two-thirds of the total share of the global cybersecurity market in 2019, and will maintain its highest contribution in terms of revenue during the forecast period.

“This is due to rise in need for vulnerability assessment, penetration testing, and compliance with the leading federal, defense, and industry security standards,” the report said; however, it also found that the services segment is projected to witness the largest CAGR of 11.2 percent from 2020 to 2027, owing to surge in cyber-attacks on the IT infrastructure of organizations.

The on-premises segment to maintain its dominant share

According to predictions based on deployment, the on-premises segment held the largest share in 2019, contributing to more than half of the global cyber security market, and is expected to maintain its dominant share during the forecast period.

“This is due to rise in need to secure critical data and track the influx of data within the organization,” the report said. However, the cloud segment is estimated to manifest the highest CAGR of 11.2 percent from 2020 to 2027, owing to lack of capital cost and low maintenance cost.

North America to continue to lead by 2027

Based on region, North America contributed to the highest market share in 2019, accounting for nearly one-third of the total share of the global cyber security market and will continue to lead by 2027.

“This is attributed to presence of major key players, high ICT spending, and huge number of cyber-attacks on various enterprises,” the study highlighted.

However, Asia-Pacific is estimated to portray the fastest CAGR of 11 percent during the forecast period, owing to adoption of wireless & mobile devices, rise in cyber-crimes, increase in awareness regarding data security, and strict security standards & government policies.

Advertisement

Yehia is an investigative journalist and editor with extensive experience in the news industry as well as digital content creation across the board. He strives to bring the human element to his writing.

Continue Reading
Advertisement

Cybersecurity

EXPLAINER: Why the Colonial Pipeline hack matters

Associated Press

Published

 on

EXPLAINER Why the Colonial Pipeline hack matters

A cyberattack on a critical U.S. pipeline is sending ripple effects across the economy, highlighting cybersecurity vulnerabilities in the nation’s aging energy infrastructure. The Colonial Pipeline, which delivers about 45% of the fuel used along the Eastern Seaboard, shut down Friday after a ransomware attack by gang of criminal hackers that calls itself DarkSide. Depending on how long the shutdown lasts, the incident could impact millions of consumers.

WHAT HAPPENED TO THE COLONIAL PIPELINE?

Colonial Pipeline, the owner, halted all pipeline operations over the weekend, forcing what the company called a precautionary shutdown. U.S. officials said Monday that the “ransomware” malware used in the attack didn’t spread to the critical systems that control the pipeline’s operation. But the mere fact that it could have done so alarmed outside security experts.

WILL THERE BE GASOLINE SHORTAGES?

It depends on how long the shutdown lasts. Colonial said it’s likely to restore service on the majority of its pipeline by Friday.

There’s no imminent shortfall, and thus no need to panic buy gasoline, said Richard Joswick, head of global oil analytics at S&P Global Platts. If the pipeline is restored by Friday, there won’t be much of an issue. “If it does drag on for two weeks, it’s a problem,” Joswick added. “You’d wind up with price spikes and probably some service stations getting low on supply. And panic buying just makes it worse.”

SO WHAT’S HAPPENING WITH GASOLINE PRICES?

The average gasoline price jumped six cents to $2.96 over the past week, and it’s expected to continue climbing because of the pipeline closure, according to AAA. Mississippi, Tennessee and the East Coast from Georgia to Delaware are the most likely to experience limited fuel availability and higher prices, and if the national average rises by three more cents, these would be the highest prices since November 2014, according to AAA.

WHAT’S RANSOMWARE AGAIN?

Ransomware scrambles data that can only be decoded with a software key after the victim pays off the criminal perpetrators. An epidemic of ransomware attacks has gotten so bad that Biden administration officials recently deemed them a national security threat. Hospitals, schools, police departments and state and local governments are regularly hit. Ransomware attacks are difficult to stop in part because they’re usually launched by criminal syndicates that enjoy safe harbor abroad, mostly in former Soviet states.

WHO IS BEHIND THE ATTACK AND WHAT MOTIVATES THEM?

The hackers are Russian speakers from DarkSide, one of dozens of ransomware gangs that specialize in double extortion, in which the criminals steal an organization’s data before encrypting it. They then threaten to dump that data online if the victim doesn’t pay up, creating a second disincentive to trying to recover without paying.

Ransomware gangs say they are motivated only by profit. Colonial has not said how much ransom s.

WHY WASN’T COLONIAL ABLE TO PREVENT OR CONTAIN THE ATTACK?

Neither Colonial nor federal officials have explained how the attackers breached the company’s network and went undetected. Cybersecurity experts believe that Colonial may not have employed state-of-the-art defenses, in which software agents actively monitor networks for anomalies and are programmed to detect known threats such as DarkSide’s infiltration tools.

WHAT DOES COLONIAL NEED TO RESTORE ITS NETWORK AND HOW LONG WILL THAT TAKE?

That depends on how extensively Colonial was infected, whether it paid the ransom and, if it did, when it got the software decryption key. The decryption process could take several days at least, experts say. Colonial has not responded to questions on these issues, although it said only its IT network was affected.

DO PIPELINES FACE A GREATER RISK OF RANSOMWARE ATTACKS?

They’re not necessarily at greater risk, but they do pose unique challenges. The Colonial Pipeline structure is a vast piece of critical infrastructure that provides fuel supply to states along the East Coast. Such a large network is bound to have different control systems along its path where it connects with distributors or customers.

“Every single time you connect something, you run the risk that you’re going to infect something,” said Kevin Book, managing director at Clearview Energy Partners. That variability can also make it harder for hackers to know where to find vulnerabilities, he said.

Over time, as pipelines expand, companies can end up with a mix of technology — some parts built within the company and others brought in from outside, said Peter McNally, global sector lead at Third Bridge. Many large energy companies have been under pressure from investors to limit reinvestment in such assets, which can be decades old, he added. That can be a problem when dealing with modern criminals.

The Federal Energy Regulatory Commission has established and enforced mandatory cybersecurity standards for the bulk electric system, but there are no comparable standards for the nearly 3 million miles of natural gas, oil and hazardous liquid pipelines that traverse the United States. “Simply encouraging pipelines to voluntarily adopt best practices is an inadequate response to the ever-increasing number and sophistication of malevolent cyber actors,” said Richard Glick, chairman of the Federal Energy Regulatory Commission, and Democratic Commissioner Allison Clements, in a joint statement. They called for the U.S. to establish mandatory pipeline security standards.

WHAT CAN BE DONE TO HALT RANSOMWARE ATTACKS?

Previous attempts to put ransomware operators out of business by attacking their online infrastructure have amounted to internet whack-a-mole. The U.S. Cyber Command, Microsoft and cross-Atlantic police efforts with European partners have only been able to put a temporary dent in the problem.

Last month, a public-private task force including Microsoft, Amazon the FBI and the Secret Service gave the White House an 81-page urgent action plan that said considerable progress could be possible in a year if a concerted effort is mounted with U.S. allies, who are also under withering attack.

Some experts advocate banning ransom payments. The FBI discourages payment, but the task force said a ban would be a mistake as long as many potential targets remain “woefully unprepared,” apt to go bankrupt if they can’t pay. Neuberger said Monday that sometimes companies have no real choice but to pay a ransom.

The task force said ransomware actors need to be named and shamed and the governments that harbor them punished. It calls for mandatory disclosure of ransom payments and the creation of a federal “response fund” to provide financial assistance to victims in hopes that, in many cases, it will prevent them from paying ransoms.


NEW YORK (AP) — By FRANK BAJAK AND CATHY BUSSEWITZ Associated Press

Bajak reported from Boston. AP Writer Matthew Daly contributed from Washington.

Continue Reading

Cybersecurity

FBI names pipeline cyberattackers as company promises return

Associated Press

Published

 on

pipeline cyberattackers

Hit by a cyberattack, the operator of a major U.S. fuel pipeline said Monday it hopes to have services mostly restored by the end of the week as the FBI and administration officials identified the culprits as a gang of criminal hackers.

U.S. officials sought to soothe concerns about price spikes or damage to the economy by stressing that the fuel supply had so far not experienced widespread disruptions, and the company said it was working toward “substantially restoring operational service” by the weekend.

The White House said in a statement late Monday that it was monitoring supply shortages in parts of the Southeast and that President Joe Biden had directed federal agencies to bring their resources to bear.

Colonial Pipeline, which delivers about 45% of the fuel consumed on the East Coast, halted operations last week after revealing a ransomware attack that it said had affected some of its systems.

Nonetheless, the attack underscored the vulnerabilities of the nation’s energy sector and other critical industries whose infrastructure is largely privately owned. Ransomware attacks are typically carried out by criminal hackers who scramble data, paralyzing victim networks, and demand large payments to decrypt it.

The Colonial attack was a potent reminder of the real-world implications of the burgeoning threat. Even as the Biden administration works to confront organized hacking campaigns sponsored by foreign governments, it must still contend with difficult-to-prevent attacks from cybercriminals.

“We need to invest to safeguard our critical infrastructure,” Biden said Monday. Energy Secretary Jennifer Granholm said the attack “tells you how utterly vulnerable we are” to cyberattacks on U.S. infrastructure.

The attack came as the administration, still grappling with its response to massive breaches by Russia of federal agencies and private corporations, works on an executive order aimed at bolstering cybersecurity defenses. The Justice Department, meanwhile, has formed a ransomware task force designed for situations just like Colonial Pipeline, and the Energy Department on April 20 announced a 100-day initiative focused on protecting energy infrastructure from cyber threats. Similar actions are planned for other critical industries, such as water and natural gas.

Despite that, the challenge facing the government and the private sector remains immense.

In this case, the FBI publicly assigned blame Monday by saying the criminal syndicate whose ransomware was used in the attack is named DarkSide. The group’s members are Russian speakers, and the syndicate’s malware is coded not to attack networks using Russian-language keyboards.

Anne Neuberger, the White House deputy national security adviser for cyber and emerging technology, said at a briefing that the group has been on the FBI’s radar for months. She said its business model is to demand ransom payments from victims and then split the proceeds with the ransomware developers, relying on what she said was a “new and very troubling variant.”

She declined to say if Colonial Pipeline had paid any ransom, and the company has not given any indication of that one way or the other. Though the FBI has historically discouraged victims from making payments for fear of promoting additional attacks, she acknowledged “the very difficult” situation that victims face and said the administration needs to look “thoughtfully at this area” of how best to deter ransomware.

“Given the rise in ransomware, that is one area we’re definitely looking at now to say, ‘What should be the government’s approach to ransomware actors and to ransoms overall?'”

Speaking later in the day at a conference on national security, Neuberger said the administration was committed to leveraging the government’s massive buying power to ensure that software makers make their products less vulnerable to hackers.

“Security can’t be an afterthought,” Neuberger said. “We don’t buy a car and only then decide if we want to pay for seatbelts and airbags.”

The U.S. sanctioned the Kremlin last month for a hack of federal government agencies, known as the SolarWinds breach, that officials have linked to a Russian intelligence unit and characterized as an intelligence-gathering operation.

In this case, though, the hackers are not known to be working at the behest of any foreign government. The group posted a statement on its dark web site describing itself as apolitical. “Our goal is to make money, and not creating problems for society,” DarkSide said.

Asked Monday whether Russia was involved, Biden said, “”I’m going to be meeting with President (Vladimir) Putin, and so far there is no evidence based on, from our intelligence people, that Russia is involved, although there is evidence that the actors, ransomware, is in Russia.

“They have some responsibility to deal with this,” he added.

U.S. officials have sought to head off anxieties about the prospect of a lingering economic impact and disruption to the fuel supply, especially given Colonial Pipeline’s key role in transporting gasoline, jet fuel, diesel and other petroleum products between Texas and the East Coast.

Colonial is in the process of restarting portions of its network. It said Monday that it was evaluating the product inventory in storage tanks at its facilities. Administration officials stressed that Colonial proactively took some of its systems offline to prevent the ransomware from migrating from business computer systems to those that control and operate the pipeline.

In response to the attack, the administration loosened regulations for the transport of petroleum products on highways as part of an “all-hands-on-deck” effort to avoid disruptions in the fuel supply.

“The time of the outage is now approaching critical levels and if it continues to remain down we do expect an increase in East Coast gasoline and diesel prices,” said Debnil Chowdhury, IHS Markit Executive Director. The last time there was an outage of this magnitude was in 2016, he said, when gas prices rose 15 to 20 cents per gallon. The Northeast had significantly more local refining capacity at that time.

The pipeline utilizes both common and custom technology systems, which could complicate efforts to bring the entire network back online, according to analysts at Third Bridge.

Granholm, the Energy Secretary, said “Cyber attacks on our critical infrastructure — especially energy infrastructure — is not going away.”

“This is a serious example of what we’re seeing across the board in many places and it tells you that we need to invest in our systems, our transmission grid for electricity. We need to invest in cyber defense in these energy systems,” she told Bloomberg TV.

The attack has not affected the supply of gasoline, she said, “but if it goes on too long, of course that will change.”

Gasoline futures ticked higher Monday. Futures for crude and fuel, prices that traders pay for contracts for delivery in the future, typically begin to rise anyway each year as the driving season approaches. The price you pay at the pump tends to follow.

The average U.S. price of regular-grade gasoline has jumped 6 cents over the past two weeks, to $3.02 per gallon, which is $1.05 higher than a year ago. The year-ago numbers are skewed somewhat because the nation was going into lockdown due to the pandemic.

The attack on the Colonial Pipeline could exacerbate the upward pressure on prices if it is unresolved for a period of time.


WASHINGTON (AP) — By ERIC TUCKER, CATHY BUSSEWITZ and ALAN SUDERMAN Associated Press

Associated Press writers Frank Bajak in Boston and Matthew Daly in Washington contributed to this report.

Continue Reading

Cybersecurity

Ransomware gangs get more aggressive against law enforcement

Associated Press

Published

 on

Police Chief Will Cunningham came to work four years ago to find that his six-officer department was the victim of a crime.

Hackers had taken advantage of a weak password to break in and encrypt the files of the department in Roxana, a small town in Illinois near St. Louis, and were demanding $6,000 of bitcoin.

“I was shocked, I was surprised, frustrated,” Cunningham said.

Police departments big and small have been plagued for years by foreign hackers breaking into networks and causing varying level of mischief, from disabling email systems to more serious problems with 911 centers temporarily knocked offline. In some cases important case files have gone missing.

But things have taken a dark turn recently. Criminal hackers are increasingly using brazen methods to increase pressure on law enforcement agencies to pay ransoms, including leaking or threatening to leak highly sensitive and potentially life-threatening information.

The threat of ransomware has risen to a level that’s impossible to ignore, with hardly a day going by without news of a hospital, private business or government agency being victimized. On Saturday, the operator of a major pipeline system that transports fuel across the East Coast said it had been victimized by a ransomware attack and had halted all pipeline operations to deal with the threat.

The increasingly defiant attacks on law enforcement agencies underscore how little ransomware gangs fear repercussions.

In Washington, D.C., a Russian-speaking ransomware syndicate called Babuk hacked into the network of the city’s police department and threatened to leak the identities of confidential informants unless an unspecified ransom was paid.

A day after the initial threat was posted in late April, the gang tried to spur payment by leaking personal information of some police officers taken from background checks, including details of officers’ past drug use, finances and — in at least one incident — of past sexual abuse.

Similar threats were made recently against a small police force in Maine. The police department in Dade City, a small town in Florida, currently has many of its files posted on the dark web by the ransomware gang Avaddon after the city decided not to pay the $450,000 worth of bitcoin that was demanded. Leaked files show pictures of a dead body from a crime scene.

Ransomware gangs have been leaking sensitive data from victims for well over a year, but experts said they’ve not seen such aggressive new tactics used before against police departments.

“It should be a wake-up call to government that it finally needs to take strong and decisive action,” said Brett Callow, a threat analyst at the security firm Emsisoft.

Making the ransomware attacks potentially more damaging, police are now able to collect and store more personal information than ever before through advances in surveillance equipment and technologies such as artificial intelligence and facial recognition software.

April Doss, the executive director of the Institute for Technology Law & Policy at Georgetown University Law School, said laws and regulations about how police collect, retain and secure that data are largely unsettled.

“Where that leaves us is with police departments getting to use a great deal of their own discretion in terms of what technologies they adopt and how they use them,” said Doss, who previously worked at the National Security Agency and recently wrote a book on cyberprivacy.

Homeland Security Secretary Alejandro Mayorkas has called ransomware a “threat to national security” and said the issue is a top priority of the White House. Congress is exploring giving state and local governments grant money to boost their response to ransomware.

Because ransomware is so lucrative for its perpetrators, who operate out of Western law enforcement’s reach in Russia and other safe havens, experts say the most important tools for battling it are elementary cybersecurity measures.

Statistics of how many police departments have been hit by ransomware attacks are hard to come by, as is information on whether departments ever pay a ransom. There’s no official count and not every incident is made public.

Callow, the threat analyst, said he’s counted at least 11 law enforcement agencies affected by ransomware since the beginning of 2020. Officers have been locked out of their computer systems and forced to resort to paper records. Prosecutors in Stuart, Florida, told local media last year they had to drop a case against suspected drug dealers after a local police department’s files were encrypted by a ransomware gang.

In the nation’s capital, the final outcome is uncertain. The Babuk gang’s threats to release more information have so far not come to pass and the files that were posted have been taken down.

The city’s lower income areas are struggling with increased violence. Longtime community activist Philip Pannell said police already have a hard time getting witnesses to come forward, and having hackers threaten to release information about confidential informants would make it even harder. If the names of confidential informants are released, Pannell said it would put them in real danger.

“Why would someone want to do something like that? They just want to foment chaos.” he said.

Gregg Pemberton, chairman of the D.C. Police Union, said officers are extremely concerned about such private information being in the hands of foreign hackers.

“The fact that data of such a sensitive nature was able to be accessed by hackers says a lot about the quality of service elected officials provide this city. What is ironic is that in an era where police officers are targeted by their leaders for alleged misfeasance, it’s really their leaders that are truly unable to perform to standards,” he said.

The department said in a statement it’s still trying to determine the size and scope of the breach and has urged officers to obtain a free copy of their credit reports. The FBI is assisting with the investigation.

Law enforcement agencies require thorough and intrusive background checks that gather a wealth of information about a person’s history and character. It’s perfect blackmail material for hackers, whether they are criminal gangs or foreign governments. Six years ago Chinese hackers stole millions of background check files of federal government employees from the Office of Personnel Management.

Randy Pargman, who worked for the FBI for 15 years, said police departments need to do some “soul searching” about how they currently protect sensitive data such as background check files. He said many departments don’t have the budget or staffing for sophisticated cybersecurity measures, but could still transfer sensitive files to external hard drives kept offline and used only when needed.

“Every police department needs to think about their threat model and that they will probably be a target at some point,” said Pargman, vice president of threat hunting and counterintelligence at the private firm Binary Defense.

Back in Roxana, the police chief said he didn’t have to pay the hackers because the files were backed up and the department bought new computer equipment for roughly the same amount as the ransom demand. Cunningham reported the hackers to the FBI, but as far as he’s heard they were never caught. The whole experience, Cunningham said, was a real eye-opener.

“It’s amazing how much opportunity is out there for these computer crimes,” he said.

Continue Reading

Trending