Digital Economy Dispatch #142 -- A Lesson in Digital Security

30th July 2023

In the digital world there are 2 kinds of people:
Those who know they have been hacked;
and those who have yet to find out.

I’ve been hacked! And I am pretty annoyed about it.

Over a month ago I started to receive menacing emails concerning a couple of the websites that I run. They advised me that my websites had been compromised and if I would only click this special link or subscribe to their service, then they would help me fix it. Naturally, I assumed these were phishing emails trying to get me to hand over personal data. I ignored them, feeling rather smug that I hadn’t fallen into their trap.

However, I began to realize things may be more serious once friends and colleagues advised me that they could not access my websites as they were being blocked by antivirus software installed on their laptops. Time to investigate. It seems the websites had been infected with malware of varying forms. By probing for vulnerabilities, someone (or some group) had replaced files on my website to launch attacks on other sites. So began weeks of analysis and several hundred pounds of expense to try to sort it out.

But it is not just me. The world is being overwhelmed with cyberattacks of every kind. If you really want to be scared, take a moment to look at Kaspersky’s real-time dashboard and statistics of cyberattacks. The scale and extent of these attacks is frightening. And as digital transformation of businesses and society accelerates, the problems only seem to grow. As individuals, businesses and organizations, are we doing enough to protect ourselves from such threats? In my case, the answer was “no”. This journey has been a lesson in digital security.

A screenshot from Kaspersky cyberthreat dashboard.

A Quick Website Technology Detour

It is easy to dismiss my hacked website as irrelevant to the broader digital transformation taking place across public and private organizations. But don’t be so quick. Most websites share many characteristics with today’s enterprise service-based systems. At the heart of these websites is a content management system (CMS) providing a core services platform to store information and deliver services to support web interactions. Hosted on cloud infrastructure, the most popular CMS is WordPress, an open-source system that enables a wide range of add-ons and extensions to customize it for almost every need imaginable. Hence, it is a useful illustration of the strengths and weaknesses of many types of service-based, cloud-hosted solutions in use today.

Originally released as a blogging platform in 2003, WordPress has evolved into a multi-purpose content management system with tens of thousands of plugins and themes. According to data from W3Techs, WordPress is used by over 40 percent of all websites on the internet in 2022. Furthermore, WordPress is used by two thirds of all websites using a CMS. Many of these sites, including mine, rely on their individual owners (me!) to stay on top of the security issues, keep the site up-to-date, and be able to respond quickly when issues arise. Often that doesn’t happen.

This makes WordPress websites a prime target for attack. The favoured approach is to attack WordPress plugin and theme vulnerabilities. There is a lot to attack. WPScan holds a database of over 43,000 vulnerabilities across WordPress plugins, themes, and core. Furthermore, the scale of the attacks is staggering. For example, in the first six months of 2022, the Wordfence Web Application Firewall blocked over 4 billion requests coming from blocklisted IPs and attackers attempting to exploit vulnerabilities.

Keeping a WordPress site protected is a major headache. Consequently, many website owners pay third parties to do much of the heavy lifting for them, use various tools to scan their sites for suspicious activity, and hide the websites behind different kinds of firewalls. This can be complex, expensive, and very annoying. Welcome to the world of cybersecurity.

Cybercrime: The Achilles Heel of the Digital Economy?

The challenge of establishing a safe and secure digital infrastructure creates huge issues for organizations as they pursue their digital transformation journey. In a digital economy, protecting online activities is essential and data is a valuable asset. Cybercrime compromises data integrity and confidentiality, eroding consumer trust in online services and transactions. As data breaches become more frequent, customers may become wary of sharing their information, hindering the growth of e-commerce and other digital services.

In the ever-evolving landscape of the digital economy, cybercrime has emerged as a pervasive and daunting challenge that threatens individuals, businesses, and governments worldwide. As technology becomes more integral to our daily lives, the risk of cyberattacks intensifies, bringing with it a host of complex challenges that demand immediate attention and longer-term strategies.

The challenges faced in addressing cybercrime can be overwhelming. One of the foremost concerns posed by cybercrime is its sheer scale and diversity. Much of the complexity arises because cybercriminals operate across borders, making it difficult for law enforcement agencies to find and prosecute them effectively. Not only are there technical issues in tracing them, but the global nature of cybercrime also allows perpetrators to exploit legal loopholes and jurisdictions, leading to a lack of coordination among nations in combating this menace.

Another significant challenge lies in the ever-evolving tactics employed by cybercriminals. As cybersecurity measures improve, so do the methods used by malicious actors to breach defences. Advanced persistent threats (APTs), ransomware attacks, phishing scams, and zero-day exploits continually evolve, requiring a continuous and adaptive approach to cybersecurity.

The anonymity that can be found across the internet further complicates matters. Cybercriminals can hide behind sophisticated tools like VPNs and the dark web, making it difficult for authorities to trace their identities. This anonymity creates a sense of impunity, encouraging individuals to feel they can get away with their actions and encouraging state actors to use their attacks to disrupt and target larger entities, such as critical infrastructure and government systems.

Regulatory and legal challenges also hinder effective cybersecurity. Rapid technological advancements often outpace the development of relevant laws and regulations, creating ambiguities and gaps in the legal framework. This makes it challenging for authorities to prosecute cybercriminals and enforce cybersecurity standards consistently.

The lack of cybersecurity awareness and education is another formidable challenge. Individuals and businesses often underestimate the threats posed by cybercriminals, leading to lax security practices and easily exploitable vulnerabilities. Moreover, the shortage of skilled cybersecurity professionals exacerbates the situation, leaving organizations ill-equipped to defend against sophisticated attacks.

The financial impact of cybercrime is staggering. The cost of data breaches, ransom payouts, and system recovery can be astronomical, affecting not only the targeted organizations but also the overall economy. Furthermore, intellectual property theft and corporate espionage can destroy a company’s competitive position, derail innovation, and stall economic growth.

Old Dog, New Tricks

What have I learned from this experience? For sure, my challenges and inconveniences from being hacked are as nothing compared to those faced by all organizations in our digital world. Yet, they bring attention to important lessons. Defending against cybercrime in the digital economy is now a critical priority for businesses of all sizes. Much has been invested across every aspect of the business. Yet, as with many things in life, it is only when faced with personal experience that we recognize what matters. Simply stated, my struggles in the past few weeks have highlighted the importance of following basic guidelines on cybersecurity and implementing the following three main lessons:

  1. Prioritize Cybersecurity Awareness: While I thought I had a reasonable grasp of digital security issues, when faced with being hacked I realized that my knowledge was insufficient and out-of-date. One of the most crucial lessons for businesses is to prioritize cybersecurity awareness and training. Human errors and misconfiguration remain the leading causes of successful cyberattacks. Therefore, organizations must educate their staff about common cyber threats, such as phishing, social engineering, and malware. Employees should be trained to recognize suspicious emails, links, and attachments, as well as to follow secure practices for data handling and password management.

  2. Implement Robust Cybersecurity Measures and Best Practices: I tried to keep up-to-date with new software releases and patches. But in attempts to save money and time, I was not nearly as disciplined as I ought to have been. Businesses need to implement a comprehensive set of cybersecurity measures and best practices to defend against cybercrime effectively. This includes deploying firewalls, antivirus software, intrusion detection and prevention systems, and regular software updates. Companies should regularly conduct security assessments to make sure they learn about the status of their systems.

  3. Establish a Cyber Incident Response Approach: Once hacked, I had to scramble to work out how to recover. This was haphazard and expensive. Being prepared for cyber incidents is crucial for minimizing potential damage and ensuring a swift recovery. Businesses should develop and regularly update a comprehensive cyber incident response plan. This plan should outline the steps to be taken in the event of a cyber incident. It will help identify gaps and weaknesses, enabling the organization to fine-tune its response capabilities.

Be Careful Out There

The challenges posed by cybercrime in a digital economy are multifaceted and continually evolving. Addressing these challenges requires a concerted effort from everyone to prioritize cybersecurity and enhance awareness. Whether on a personal or corporate level, we can defend ourselves from cybercrime in the digital economy by increasing our understanding of cyberthreats, implementing robust security measures and best practices, and establishing a well-defined cyber incident response plan. By adopting a proactive and vigilant approach, we can then significantly reduce the risk of falling victim to cyberattacks and safeguard our digital assets, reputation, and customer trust. Lessons that I have been learning the hard way.