Exclusive Interview: Cloud4C exec reveals BFSI sector remains top priority for cybercriminals

Generative AI has accelerated the capabilities of malicious threat actors on an unprecedented scale, and these cybercriminals are now laser-focused on one specific industry for financial gain, Cloud4C’s Global CISO, Deepak Mishra, shared in an exclusive interview with TBC News.

“There are two types of threat actors who generally utilize the latest ransomware and malware technologies – state nations and cybercriminals. Across the globe, both have been targeting organizations in the BFSI (Banking, Financial Services, and Insurance) sector,” he explained.

Ransomware attacks have become a significant threat to individuals, businesses, and organizations, with cybercriminals increasingly using sophisticated tactics to execute these attacks. The emergence of generative AI technology has further amplified the threat, enabling cybercriminals to launch more complex and evasive ransomware attacks. 

Generative AI technology has significantly improved phishing emails, which are a common delivery method for ransomware attacks. Cybercriminals can now use generative AI’s writing capabilities to create more convincing phishing emails, reducing the skill required to start a ransomware attack. This development has led to a new wave of attacks, since an attacker now needs little more than a malicious AI prompt and access to the necessary tools.

In addition to phishing emails, generative AI has also been used to create high-quality and realistic deepfake video content, which can be used in targeted attacks like spear-phishing or in generic phishing campaigns. This technology can quickly review and edit emails so that they appear more credible, making it difficult for victims to identify malicious intent.

Generative AI has also been used in polymorphic malware, which enables the development of highly changeable threat code variants and malware packages that constantly change to evade detection by current security tools.

This development has shifted the balance of power to the attackers, as defenders struggle to keep the use cases and configuration of their preventive and detective security controls up to date.

“Generative AI tools are actually able to create weapons and deploy cyber attacks that deal with a lot of information and data in a very short period of time, producing advanced malware which can evade detection and bypass controls, as well as adapt to the security controls and change their behavior. In Cloud4C, we have deployed technologies which are also built on AI and ML frameworks so our customers themselves have the capability to detect, respond and prevent attacks of this nature,” he said.

According to a report by Cybersecurity Ventures, cybercrime is expected to cost the world $10.5 trillion annually by 2025, up from $3 trillion in 2015. The report also predicts that cybercrime will be more profitable than the global illegal drug trade by 2024.

The use of generative AI in ransomware attacks is expected to contribute to this trend, making it easier for cybercriminals to launch more sophisticated and evasive attacks.

The cost of ransomware protection varies depending on the number of employees and devices a company needs to protect. For example, a company with as few as 50 people can spend five figures on ransomware protection. For advanced backup solutions, the cost of data backups starts at between $50 and $100 per month if a company has multiple servers or users.

In addition to the cost of ransomware protection tools, companies should consider the costs associated with ransomware attacks, such as downtime, worker hours, device cost, network cost, lost opportunity, and brand reputation cost. The combined cost and losses of a ransomware attack are estimated to be an average of two million dollars.

Companies are spending an average of $1,500 per $1 million in coverage on cyber insurance to protect themselves against ransomware attacks, depending on the deductible. However, getting cyber insurance for ransomware is not easy, as many insurance agencies are limiting coverage due to the high payout costs.

“We have access to the latest threat intelligence feeds, curated analyst research data in real time so that our controls are being tuned accordingly. We have access to global threat intelligence from leading vendors, plus we have an internal team who also performs research on global threats and identifies the actions that we can provide to our customers and to our internal teams who can then take necessary actions,” Deepak highlighted. 

According to a report by MarketsandMarkets, the global cyber threat intelligence market is expected to grow from $6.6 billion in 2020 to $14.7 billion by 2025, at a compound annual growth rate (CAGR) of 17.5% during the forecast period.

“We use advanced threat detection systems within our ecosystem: EDRs, XDRs, identity protection, AI-based threat detection, multi-factor authentication, and zero-trust principles. Zero-trust principles are followed across the whole cyberdefense stack which means people do not get access until the validation is performed on all assets. We also have a strong authentication mechanism using MFA (multi-factor authentication).”

Endpoint detection and response (EDR) is a security measure that monitors and responds to threats on endpoint devices, such as laptops and mobile devices. This measure can help detect and respond to ransomware attacks before they cause significant damage.

According to a report by MarketsandMarkets, the global EDR market is expected to grow from $1.5 billion in 2019 to $3.3 billion by 2024, at a CAGR of 19.1% during the forecast period.

Data backups are one of the most effective ways to protect an organization against ransomware attacks. By regularly backing up critical data, companies can quickly restore their systems in the event of an attack, minimizing downtime and the cost of recovery.

File integrity monitoring software can help with ransomware protection by monitoring changes in configuration files that could allow attackers to encrypt a large portion of a company’s data. This software can alert IT teams to potential threats and help prevent data loss.

Managed firewall services may cost a business between $150 and $300 per month. These services provide around-the-clock monitoring and management of a company’s firewall, ensuring that it is configured correctly and up-to-date with the latest security patches.

Employee training on cybersecurity best practices is critical in preventing ransomware attacks. Phishing emails are a common delivery method for ransomware attacks, and employees who are not trained to recognize and avoid these emails can inadvertently expose the company to risk.

This strategy is also cost-effective, with many online resources and tools available for free or at a low cost. However, companies should consider the cost of employee time and the potential cost of a data breach when determining the budget for employee training.

“It’s just a matter of time. Our technology stack, which leverages AI and ML, we are going to bring that stack to the Philippines. The industries in the Philippines will be able to enjoy the best and world-class security processes, managed security services, especially the managed XDR. We are already providing to the top companies in Singapore and Malaysia. We’ll be bringing the same to the Philippines as well,” he concluded.

About Cloud4C

Cloud4C is the world’s leading cloud managed services player, with a presence in 25 countries and 52 locations, and serves 60 of the Fortune 500 Global Multinationals. The company offers specialized industry cloud solutions such as banking community cloud, manufacturing community cloud, insurance community cloud, robotic process automation (RPA), cloud migration, infrastructure modernization, hyper-automation, digital workplace solutions (DaaS/VDI), DevOps, AIOps, DRaaS, cloud managed services, etc.
