Assessing the delicate cybersecurity “fire triangle”

A physical roaring fire and a digital cyberattack might not have much in common – but these very different forces leave a similar a trail of destruction in their wake. By Pat Krupa, Head of Product and UX, SmartFrame.

  • 4 years ago Posted in

Despite their seemingly aimless and destructive nature, fires are ultimately delicate and made up of three vital elements – oxygen, heat and fuel. These three elements make up the “triangle” that’s vital to a making a fire – taking any one of these away makes the fire goes out.

 

The impact of cyberattack is similarly made up of three co-existing elements. It’s simplistic to solely view cybercrime as a sport where hackers are the only players. The fact is, those on the receiving end of a cyberattack are affected emotionally, commercially and technically.

 

This rings particularly true with the security of digital assets likes images. Online images hold a unique value that content owners may not even be aware of. From the emotional trauma of deeply personal images being leaked – to the financial hit of ecommerce images being misused to sell counterfeit goods – it’s high time we started viewing the impact of cybercrime for its truly multifaceted nature.

 

Technically Speaking

 

A good proportion of cyberattacks stem from IT vulnerabilities and technical weaknesses. A survey released this year by security company Tripwire found one in three (34%) European organisations had been breached as a result of an unpatched vulnerability.

 

This isn’t to say that businesses aren’t taking technical vulnerabilities seriously. Research from Cybersecurity Ventures estimates that over $1 trillion will be spent on cybersecurity products and services between 2017 and 2021.   

 

It’s positive that businesses are investing in technical cybersecurity solutions – both to protect themselves and to meet current laws and regulation like GDPR. The fact still remains, however, that cyberattacks continue to be facilitated by outdated technical habits – for enterprises this could be relying on an out of date IT operating system or unpatched device.

 

When it comes to digital assets, and specifically images, a vast majority of content owners are relying on outdated technology in the form on the JPEG. The JPEG, inherently insecure in its nature, can easily be stolen and misused by bad actors. The JPEG often acts as the technical vulnerability that leads to images being targeted in cyberattacks – such as celebrities’ private photos being deliberately leaked.

 

Cyberattacks for commercial gain

 

Most forms of cyberattack are for commercial gain—whether it’s an attack on a company to steal consumer data or a ransomware attack to demand a payout.  For enterprises, falling victim to a cyberattack equates to a massive financial hit – to such an extent that running a profitable business today hinges on maintaining good cybersecurity.

 

In today’s ecommerce dominated business sector, global online counterfeiting has become a massive issue. This form of cybercrime is impacting businesses across various sectors – fashion, food, electronics and more. According to the Global Brand Counterfeiting report 2018, the losses suffered due to global online counterfeiting amounted to $323 billion in 2017.

 

On social media platforms, online counterfeiting is particularly rife. These image centric platforms are well suited to counterfeiting because bad actors can steal and pass off brands’ images as their own. In a study of Instagram from April of this year, analytics firm Ghost Data found that nearly 20 percent of all posts about fashion products on Instagram feature counterfeit products – with more than 50,000 accounts promoting and selling counterfeits.

The lifting and unauthorised use of online images counts as a cyberattack – one with a significantly negative financial impact. Not only does online counterfeiting mean lost revenue for brands – it also harms the brands reputation.

 

The lasting emotional impact of cybersecurity

 

When a form of cyberattack takes place, much of the attention and focus is on the hard facts—how personal data has been compromised, or the significant cost of an attack to businesses. Often, the emotional distress caused by cyberattacks is overlooked—whether it’s the victim who has their data compromised, or the business that struggles to recover its brand reputation following a data breach.

 

Emotional distress is heightened when it comes to cyberattacks involving digital images. Back in 2014, a collection of almost 500 personal images belonging to various celebrities, many containing nudity, were leaked and posted on image board 4chan. These images were later distributed on various other websites, including Reddit and Imgur. Fast forward five years, and we are seeing incidents continue to take place —in June of this year, actress Bella Thorne was forced to leak her own intimate images after being threatened by a hacker.

 

The leaking of intimate images perfectly demonstrates the great emotional damage that cyberattacks can inflict. The fact is though, that almost all kinds of cyberattacks lead to some sort of negative emotional impact. When digital assets are stolen, data breached, databases hacked – there’s always a human being at the receiving end who is left feeling bitter.

 

Pre-empting and preventing the cybersecurity fire

 

Fire is made up of the fire triangle’s three elements – oxygen, fuel and heat. Cyberattacks and their impact similarly consist of three elements – emotional, technical and financial. Once enterprises understand each element and the potential impact, they will be more inclined to make that changes that will secure their businesses online.

 

This requires more than purchasing the latest cybersecurity tool or product. Oft-forgotten, digital image assets are valuable for any enterprise that does business online – securing them should be part of any serious cybersecurity plan. Securing digital assets requires bold decisions – while enterprises continue to rely on JPEGs and insecure platforms, they’ll always be vulnerable. Those serious about securing their digital assets will look to more secure encrypted formats that take various measures to protect copyright and prevent theft.

 

With the right preparation and understanding of the elements they contain, cyberattacks can be extinguished and prevented just the way that real life fires can.

 

By Barry O'Donnelll, Chief Operating Officer at TSG.
By Dr. Sven Krasser, Senior Vice President and Chief Scientist, CrowdStrike.
By Gareth Beanland, Infinidat.
By Nick Heudecker, Senior Director at Cribl.
By Stuart Green, Cloud Security Architect at Check Point Software Technologies.
The cloud is the backbone of digital cybersecurity. By Walter Heck, CTO HeleCloud
By Damien Brophy, Vice President EMEA at ThoughtSpot.