4 Billion Records Were Breached in 2019: A Cybersecurity Retrospective

4 Billion Records Were Breached in 2019

2019 was a year of radical change for the cybersecurity industry, one that left businesses with whiplash trying to keep up with the threats.  

Technology continues to explode at a dramatic rate, but nowhere is that more evident than with cybersecurity over the past decade. Companies are still licking their wounds from a painful 2019, in which over 4 billion records were reported as breached. From phishing attacks to ransomware, social attacks and more, 2019 brought a whole new pressure to technology teams throughout the world to ensure that their cybersecurity and compliance strategies were up-to-date . . . even up to the minute. Patch application became even more important, and training for users is now at the forefront of every IT professional’s mind. With the accelerating speed of change in the realm of cybersecurity, it’s good to pause and review — while planning how we can ramp up support to protect against future cyberattacks.

Cybersecurity

Ransomware Losses Skyrocket into the Trillions

In 2018, ransomware seemed to be losing some steam but it came back strong in 2019 to the tune of an approximate $11.5 billion in damages globally. Some of the largest attacks included:

  • March 2019: Norsk Hydro’s operations were severely affected, forcing manual operations with output reduced by 50% for a period of weeks. An 82% profit hit in Q2 2019 followed at least $60-71 million in losses.
  • March 2019: Arizona Beverages was impacted by a ransomware attack that had the brand rebuilding servers weeks after the attack.
  • May 2019: The City of Baltimore’s municipal government was attacked causing city services such as water utility and property tax billing, parking tickets and housing permits to cease. Losses are estimated at $18 million.
  • August 2019: Twenty-two Texas towns were impacted by a massive, coordinated cyberattack and requested a ransom of $2.5 million.

In each of these instances, the company was taken off-guard by the attack and had to struggle to return to full operations — regardless of whether or not the ransom was paid.

Small Businesses Felt the Impact of Poor Cybersecurity

While massive organizations were losing millions of dollars, the quiet challenges felt by small businesses are perhaps the most invasive. These small to mid-size businesses rarely have the extensive IT support of an enterprise. They’re unlikely to have cybersecurity insurance, which leaves them in a sad state of attempting to piece their business back together either alone or with the assistance of a team of local IT support professionals. Malware attacks cost businesses an average of between $4 – $22 thousand per minute, with an average of 200 minutes spent resolving a single instance of IT downtime. That equates to around 14.1 hours of IT downtime each year for businesses with a productivity impact of 545 hours. When you add in the significant shortage of 3.5 million cybersecurity positions that will go unfilled by 2021, the skills gap continues to expand for small to mid-size businesses.

With cryptojacking up by a shocking 4000% according to McAfee and ransomware continuing its meteoric climb as we head into 2020, it’s time for corporations of all sizes to get serious about the need for an aggressive cybersecurity posture. This includes having a robust backup and disaster recovery strategy as well as incident response processes in hand — because it’s only a matter of time before your company is hit by these dangerous bugs.

Contact Info

Stay Connected