Cybersecurity For Tech Companies

5.3 trillion U.S. dollars.

That’s the 2022 estimated spending for the global information technology (IT) industry. Given that the Verizon 2020 Data Breach Investigations Report (DBIR) found 86% of data breaches are motivated by financial gain, it’s easy to see why cybercriminals target the tech industry. According to the NTT 2020 Global Threat Intelligence Report, 25% of all cyber attacks in 2019 were directed at the tech sector. 

The same report shows that tech experienced a 70% increase in total attack volume, and the government sector — which is highly dependent on IT products and services — saw attacks almost double. Keep in mind that this was prior to the COVID-19 pandemic. In March 2020, just as lockdowns were put in place, Deloitte found that the pandemic was:

• Increasing remote work security risk.
• Delaying cyberattack detection and response.
• Creating gaps in physical and information security. 
• Accelerating the number of cybercriminals.

With tech playing such a large role in critical infrastructure, national security, and healthcare, as well as the private sector, mitigating cyberattacks pre-empting vulnerabilities will continue to be a challenge. The proliferation in 2021 led national security adviser Jake Sullivan to invite executives from Apple, Amazon and other top tech firms to the White House to discuss software security with the Biden administration.

Cyber threats are continually evolving, but, fortunately, so is security technology. In this article we look at the top threats to the IT industry — including software, devices and infrastructure, IT and business services providers, emerging tech, and telecom services — as well as some security solutions that can protect government agencies and private companies. 

Cybersecurity Threats Facing the Tech Industry — and Potential Outcomes

IT sector players are often attacked by hackers looking to get a competitive edge (or reduce competitive disadvantages) by stealing intellectual property. In other cases, including the 2020 Solar Winds hack, it’s a nation state attack. Advanced persistent threat (APT) actors were able to infiltrate the Solar Winds supply chain and insert a backdoor. Although Solar Winds isn’t a government entity, the back door gave hackers visibility into U.S. Government departments, including the Department of Homeland Security and Treasury Department. Private companies — Microsoft, Cisco, Intel, and others — were impacted by the Solar Winds incident, too. 

Travelers Insurance, which offers CyberRisk Tech Coverage for Technology Companies and publishes the 2020 Travelers Cyber Risk Index, cites the following as top cybersecurity threats for technology companies.

Social engineering (Phishing) — Social engineering tactics, including phishing emails and spear phishing, attempt to trick an email recipient into providing personal information — often login credentials or credit card information. The Q3 2021 Anti-Phishing Working Group (APWG) Phishing Activity Trends Report found that:

• July’s 260,642 total phishing attacks was the highest in the organization’s reporting history.
• The number of phishing attacks doubled from early 2020.
• SaaS webmail was the most frequent target at 29.1% of all attacks.

When it comes to phishing, attacks aren’t limited to the biggest governments and departments. The 2020 Deloitte-NASCIO Cybersecurity Study found that local governments experienced phishing and spear phishing the most among all attack vectors in the past year.

Business interruption — Interruptions and outages can be caused by a variety of attacks, including ransomware (see below), but Distributed Denial of Service (DDoS) is the most common. Cybercriminals use DDOS attacks to force people offline by flooding a network with requests and traffic. The high volume of unwanted internet traffic from hackers overwhelms the site so legitimate requests from real users can't get through. According to the 2020 Global Threat Intelligence Report, “Significant increases in application-specific and DoS/DDoS attacks, along with weaponization of IoT attacks against technology contributed to technology becoming the most attacked industry in 2019.” Of all attacks against tech companies in 2019, 25% were DoS/DDoS.

Data and privacy breaches — The Verizon 2021 Data Breach Investigations Report (DBIR) put the verified data breach tally at 5,258, up from 3,950 in the 2020 report. Security breaches often originate with social engineering attacks such as phishing emails. The top data and privacy breaches of 2021 included tech notables and the fifth largest country in the world: 

• Cognyte, a Cybersecurity analytics firm, was hit with a database breach of 5 billion records.
• LinkedIn, the career networking site, was breached, exposing 700 million records.
• Facebook had more than 533 million accounts breached.
• Bykea, a mobile app for ride-hailing, experienced a breach of 400 million records.
• The Brazilian Ministry of Health faced a loss of 223 million records.

As data volumes increase, so does the need for reliable data security.

Ransomware — This type of malware is used to deny access to systems or data until a ransom is paid, and typically spreads through phishing emails or by a network user accidentally visiting an infected website. The Colonial Pipeline ransomware attack shut down 5,550 miles of pipe, resulting in a gasoline shortage in several American states. Ransomware attacks continue to be one of the most common tactics used by cybercriminals:

• In the U.S. alone there are more than 4,000 ransomware attacks daily.
• The average downtime a company experiences after a ransomware attack is 21 days. 

NTT Ltd. researchers found that the sector had the highest rate of detected ransomware of any industry — 9% of all detected threats. No other industry topped 4%. 

Using CloudConnexa and the NIST Cybersecurity Framework for Tech Company Cybersecurity

The NIST Cybersecurity Framework outlines five straightforward steps tech firms can take to protect their networks and government agencies using their services from cybercrime:

• Identify
• Protect
• Detect
• Respond
• Recover

This diagram explains what each step involves:

CloudConnexa makes it easy for tech firms to quickly deploy robust, reliable network security that reduces available attack surface. Unlike traditional remote access solutions, CloudConnexa provides a secure, distributed, virtualized networking platform with integrated essential functions with the flexibility to augment your security posture.   

We pointed out that phishing is one of the bigger issues facing tech companies. Phishing typically starts with an email that tricks a user into visiting what appears to be a safe website. If the user enters their login credentials on the phishing site, they’ve compromised their username and password. That site is where the login credentials or other personal data (like financial information) are obtained. CloudConnexa with Cyber Shield, a built-in content filtering feature, helps curtail phishing attacks efficiently and effectively. 

With CloudConnexa tech firms can get a zero trust security model without costly personnel and service providers. Even the smallest start-ups can enable secure remote access, user authentication, IDS/IPS, and monitoring with our cloud-based virtualized network that ensures secure communications. 

CloudConnexa also protects against data loss and IT infrastructure damage by giving network administrator(s) the ability to require multi-factor authentication (MFA) — a security measure that requires users to provide multiple forms of identity verification to access their account — and without making secure access overly difficult for employees. This is especially useful with the growth of remote work.

Tech sector companies need the ability to evolve their information security initiatives to develop incident response plans and stay ahead of threats. One way to do this is by building a threat intelligence baseline using reporting. The Traffic Reporting and Dashboards included with Cyber Shield delivers detailed statistics on traffic threats (malware, intrusion, DOS) as well as the device of origin.

OpenVPN is on a mission to enable secure connectivity between employees, devices, and networks for tech companies of all sizes. And we don’t just make it easy to get started — we also make it free, and offer pricing that scales with your business. Activate your account today to see how you can quickly and easily connect private networks, devices, and servers to build a secure, virtualized modern network that meets the demands of the fast-paced IT sector and the governments that depend on them.