Finance glossary

What are cyberattacks?

Bristol James
9 Min

A cyberattack is a deliberate, malicious attempt to disrupt, damage, or gain unauthorized entry to computer systems, entire networks, or other data sets. By exploiting software vulnerabilities, human errors, and hardware weaknesses, hackers compromise systems, steal information, halt operations, and cause extensive financial harm.

Cyberattacks have evolved and changed with the advancement of technology, so how these attacks play out can be hard to keep track of and understand. Attackers may use different methods to attack their targets including ransomware attacks, social engineering tactics, and phishing attempts. Because cyberattacks can take so many shapes and cause massive amounts of damage, businesses should try to stay one step ahead by fortifying preventative protections and continuously conducting employee training.

In 2024, it is expected that cybercrime will cost the US $452 billion. If a business or government entity falls victim to a massive cyberattack, the impact can be catastrophic. 60% of small businesses that experience a cyberattack go out of business within 6 months of being hacked. Stolen sensitive customer information, financial data, and network passwords can lead to astronomical costs and an even longer-lasting business issue:

Why hackers attack

Whether it’s data theft, system hijacking, or a financial scam, hackers have many different motivations for conducting attacks. Most of the time, cyberattacks stem from personal, criminal, or political motivations.

  • Personal: Disgruntled ex-employees or customers with a vendetta against a certain organization may orchestrate cyberattacks to seek revenge.
  • Criminal: When trying to break into networks or hack data systems for financial gain, hackers are criminally motivated. They may hold businesses ransom and wait for a payout, siphon money into unauthorized channels, or even commit identity theft.
  • Political: Political motivations often result in the most nuanced and intricate attacks. Someone who considers themselves a “hacktivist” may work to advance certain ideals or cripple companies they consider unethical, like oil & gas enterprises. Other politically motivated hackers may try to sway elections. The FBI Director in the United States has highlighted threats from Chinese hackers, and Russian hackers were found to have tampered with the 2016 elections.

What info are attackers trying to gain?

Depending on what’s motivating a specific hacker, they’ll be seeking out different information when conducting an attack. Some hackers are looking for company databases of Personal Identifiable Information (PII) such as names, addresses, and social security numbers of customers and employees. This information can then be sold on the black market. Other hackers may attempt to disable business systems or cripple operations in order to demand ransom payments from organizations that are desperate to recover.

Politically motivated hackers, on the other hand, are less concerned about financial gain and more focused on orchestrating a massive cyberattack to gain national security information, exploit government intelligence, sew distrust of public officials, or even disrupt key national processes such as elections.

Whatever a hacker’s reasoning is for perpetrating these types of attacks, cyberattacks pose a threat to businesses big and small, government entities, and even individual households.

How cyberattacks affect businesses

Cyberattacks are one of the biggest threats to businesses today. Something that business owners didn’t have to think about 25 years ago has become a top-of-mind consideration for leaders today.

Our latest Cybersecurity Guide for CFOs examined the current costs of cybercrime, and the numbers are astounding:

Cybercrime costs to businesses, from Eftsure's Cybersecurity Guide for CFOs
Cybercrime costs to businesses, from Eftsure’s Cybersecurity Guide for CFOs

Because of the impact a data breach can have on a business, customers, stakeholders, employees, and investors can all fall victim to cyberattacks. The main lasting impacts of online threats are financial loss, reputational damage, operational disruption, and legal and regulatory consequences.

Financial loss

Theft of funds, operational disruptions, and recovery costs associated with cyberattacks are just the tip of the iceberg. Publicly traded companies experience an average stock price decline of 7.5% following a data breach, and looking at the financial impact regardless of business size, the average cost of a cyberattack is $200,000. These attacks can lead to financial ruin when businesses are unprepared and slow to respond.

Reputational Damage

A data breach that exposes customer information can severely damage a company’s reputation amongst customers, business partners, and stakeholders. As trust erodes, sales may decline, customers may seek other sources for their needs, and long-term brand recognition will suffer.

Operational Disruption

Very common in ransomware attacks, the operational disruption of a manufacturing plant or other business site can be felt for weeks, months, and even years after the attack takes place. Downtime, loss of productivity, and delivery delays can create a downstream ripple impact, too, affecting supply chain, customer service, and overall business performance.

Legal & Regulatory Consequences

As the world adapts to cybersecurity issues, businesses may face legal and regulatory consequences following a cyberattack. These consequences can be lawsuits from impact parties, investigations by regulatory authorities, and penalties for failing to comply with data protection laws.

Top forms of cyberattacks

Cyberattacks can take many forms, and because the technology landscape is always changing, attack methodology is always changing, too. Some of the biggest watch-outs are:

Malware

A blanket term for harmful software that can infect computer systems and entire networks, malware is capable of stealing information, destroying business operations, and wiping entire databases. Perhaps the most well-known type of malware is ransomware. Ransomware attacks take systems hostage and hackers force the business in question to pay a ransom before releasing the system and allowing it to continue operating.

Social engineering

One of the most creative forms of cyberattacks is social engineering. With this method, hackers convince people to do harmful things by tricking them into believing they are supposed to be doing those things. For instance, someone entering an office claiming to be a computer repairman and asking an employee to write down their passwords in order to “fix” something would be considered social engineering.

Phishing attacks are a type of social engineering and the second most common cause of data breaches. Emails that come from unrecognized accounts or odd email addresses may be phishing attempts. Often, these emails include a link to click that will steal information or trick people into inputting additional details after clicking the link.

Denial-of-Service (DoS)

Denial-of-Service (DoS) attacks inundate business systems or websites with fake traffic, causing the system to either crash or be unreachable by normal users. Because these attacks render platforms useless, they can lead to downtime impacts, customer attrition, and reputational damage. Sometimes, DoS attacks are used to distract from a bigger attack that’s about to happen.

Account break-ins

Remember those phishing emails that you get on a regular basis? If cybercriminals get the login credentials to a machine or system, they can use those credentials to log in as a legitimate user and conduct harmful activities. Even if a hacker didn’t get username and password information from phishing or buying it off the dark web, they can use automation scripts to test thousands of different login combinations in an instant.

Man-in-the-Middle (MiM) attacks

MitM attacks involve a hacker gathering information that was shared between two people such as emails or text messages. When using public Wi-Fi networks, there is an elevated risk of MitM attacks. In some cases, the hacker doesn’t just intercept information but also alters the data transmitted between the two people, potentially leading to identity theft, data theft, and more.

Supply Chain Attacks

When cybercriminals break into a business’s supply chain, they can target all of the vendors, suppliers, and transport companies involved in the end-to-end supply chain. This method underscores the importance of cybersecurity measures not only to protect customers but also to protect business partners and vendors.

Noteworthy cyberattack examples

Cyberattacks happen every single day around the world. Small businesses, large enterprises, nonprofits, government organizations, and individuals fall victim to these harmful attacks regularly. To emphasize the variability in cyberattacks, let’s assess a few major attacks in recent history.

UnitedHealth

In what the American Hospital Associated called, “the most significant and consequential incident of its kind against the U.S. health care system,” UnitedHealth was the victim of a cyberattack that threatened millions of sensitive records, including patient insurance information and health details. Since the attack happened on February 21, 2024, the extent of the damage is still unknown. However, UnitedHealth experienced days of system downtime, and hundreds of thousands of medical claim disruptions.

City of Dallas

In 2023, the city of Dallas experienced a ransomware attack that disrupted court systems, water bill payments online, and first responder technologies. That’s right, the 9-1-1 dispatch system went down, leading to emergency personnel relying on pens and paper to record and handle emergency calls. It took over a week just for city websites to get back online, and computers in more than 22 fire vehicles, trucks, and ambulances had to be wiped clean.

Latitude Financial Cyberattack

Cyberattacks happen all over the world. Last year, Latitude, an Australian personal loan company faced an attack that impacted 14 million individuals in Australia and New Zealand. As a result of the attack, 1.2 million clients had sensitive information exposed.

How to Prevent Cyberattacks

Prevention has to be a priority if organizations are aiming to avoid cyberattacks. Although there are many competing business priorities discussed in every boardroom, cybersecurity should be one of the top focus areas. Some of the best practices for preventing these attacks are:

Investing in employee training

Even the most well-meaning employees can open doors for hackers. By ensuring your teams have ongoing cybersecurity training to stay up-to-date with current tactics and learn best practices for personal security, your organization will have an extra layer of protection. Recognizing phishing attempts, creating strong passwords, and reporting suspicious activity can all be included in these trainings.

Utilizing Multi-Factor Authentication (MFA)

Implement multi-factor authentication across all systems and applications to add an extra layer of security beyond passwords. MFA requires users to provide additional verification, such as a code sent to their mobile device, before accessing accounts or sensitive data, making it harder for attackers to gain unauthorized access.

Working with managed IT providers

Managed IT providers are IT companies that specialize in information technology and cybersecurity. These are especially great resources for small businesses that don’t have an in-house IT team because they grant businesses access to a team of cybersecurity experts. If business leaders don’t have the time to keep up with the ever-changing cybersecurity landscape (hint: most don’t!) contracting an IT provider is their best bet.

Updating software and defense systems

Keep all software, operating systems, and firewalls as updated as possible. By letting systems forego updates, organizations are opening security vulnerabilities that hackers can exploit.

Assembling a disaster response team

If the worst-case scenario happens and a cyberattack is uncovered, no business should be caught without a plan. A disaster response team helps improve cybersecurity outcomes by putting a response plan in place before the attack happens. There will be no confusion about who needs to do what. Instead, this team can spring into action to achieve the best possible outcome.

What to do when a cyberattack occurs

For most businesses, a cyberattack is a matter of “when,” not “if.” If a cyberattack is discovered, these to-dos should be top priority.

  1. Isolate and contain affected systems to prevent the attack from spreading. This can mean disconnecting devices from the internet or wiping systems clean entirely.
  2. Notify appropriate authorities and business stakeholders. It’s important that the right people are on board to help as soon as possible. Law enforcement, regulatory bodies, IT teams, legal counsel, and disaster recovery support are all crucial.
  3. Investigate and prevent moving forward. A thorough investigation should highlight how the attack happened, and from there, businesses can work to strengthen their IT landscape and mitigate future attacks.

Summary

  • Cyberattacks are malicious attempts to gain entry to or damage computer systems and business networks. They can cause financial damage, reputational damage, and more.
  • Hackers may be driven by personal, criminal, or political motives.
  • To prevent cyberattacks, conduct regular employee training, implement MFA, work with managed IT services, prioritize software updates, and get a disaster response team in place.

 

Background Refs:

Related articles

Finance glossary

What is vendor management?

Vendor management is the act of ensuring that your third-party vendors meet regulatory requirements and contractual obligations. This safeguards your business from …

Read more
Finance glossary

What is MFA?

Multi-factor authentication (MFA) is a security method that requires users to prove their identity using two or more distinct factors before accessing …

Read more
Finance glossary

What are imposter scams?

Imposter scams are a type of fraud where scammers pretend to be trusted individuals, companies, or government agencies to deceive victims into …

Read more

The new security standard for business payments

End-to-end B2B payment protection software to mitigate the risk of payment error, fraud and cyber-crime.