This post is also available in: עברית (Hebrew)
The last few weeks saw a number of financial companies become a target for cyber attacks and attempted blackmail using threats. The companies attacked were all Israeli companies or companies working abroad but are under Israeli ownership, some with offices in Israel. Most of the companies attacked were in the currency trade (Forex) and options trade.
The attacker is an unknown body or individual, probably from Russia or some other member of the CIS (based on their English wording), who managed that plant a malware inside the companies’ websites and then sent the managers screenshots proving a malware has indeed been planted. The attackers didn’t stop there, but also asked for a ransom of $120,000, threatening that unless they received it they could damage the firm or steal data.
One of the companies under attack announced that a cyber breach in its systems allowed to transfer money of “only a few” clients, who already received their money back. Due to the attack, the company asked its clients to change passwords and continue using their accounts as usual. In spite of this, the wave of attacks on Forex companies and their success prove that some of the companies haven’t had the proper cyber protection up until now.
Beyond an affect on the image of the company and the affect the attack has on its clients, it is important to understand how much money these cyber attacks are costing them. A new research by Ponemon institute with HP’s security division, which includes seven countries, shows that the average cost of a cyber attack on an organization was $15 million this year – a growth of 20% from 2014.
Another datum shows that it takes, in average, 46 days to fix the damages caused by a cyber attack, with a cost of $1.9 million. This financial piece of data shows a growth of almost 30% throughout the six years of research, and a 22% growth compared to 2014, when the average stood on 45 days and $1.5 million in costs.
Another datum shows that implementing a solution to manage information security incidents had led to an average savings of $3.7 million per year compared with organizations that failed to do so. Furthermore, appointing professionals in the organization’s security system may also lead to an average savings of $2.1 million for the organization.
The good news is that these increasing threats are opening a window for very productive cooperations between different countries. An example is the agreement of cooperation signed between the Israel HaGihon and the New York Department of Environmental Protection (DEP). The goal of this cooperation is to detect threats and future dangers to critical water and sewage infrastructure.
Through the agreement, HaGihon is opening a path for Israeli cyber companies into the American infrastructure market, which is the largest and most advanced in the world. Steve Lawitt, who heads DEP, said that the cooperation shows the increasing need of water companies to realize the threat and adjust their operation to these worrying developments.