The hidden dangers of our protection technology PART 2- Understanding the threat probability
Understanding the threat probability
In the previous article I mentioned several scenarios that can transform widely used protection software like an antivirus into an attack station and what you need to know in order to decide on your security measures and controls.
Now it is time to evaluate the likelihood of them happening.
So let us now look at the probability of these scenarios happening.
First let us start with the motive of online criminals. They strive for massive impact, they want it fast, with as little cost as possible and the biggest rewards in comparison to their involved cost. If you combine the massive impact and speed motives with the big rewards you will realise that antivirus software offers the goods because a potential vulnerability within them will affect a huge number of people and organizations while at the same time the method of attack can affect/hit all of them at the same time. Yes, the cost might not be low but the rewards in comparison to the costs are pretty high.
In order to help you understand this scenario imagine a Ransomware attack hiding inside computer systems of let’s say 500 small and medium size businesses at the same time. That is a very conservative number if you consider that it is possible if they attack through antivirus software with many users of which many are small and medium size businesses. Let us say that the cyber criminals are asking each one of their targets for 10 000 thousand dollars. Just for the record that is 10% of the average cost of an attack of this type but even if the cyber-criminal knows just a little math there is still high potential pay out for them. All attacks are performed at the same time and the collection of ransom from all of them is done in a 24 hour window. Let us say that only half of them decide to pay (even though based on statistics less that 5% is not paying because is able to deal and recover from the attack) that means 2.5 million dollars’ income in a day. Not bad… You got the point now!
In the third part of this article series I am going to analyse another two hidden factors that you should be considering regarding the hidden dangers of your widely-used antivirus software.
What is more deceptive than your antivirus attacking you? You will not even see it coming.
If you want to read the first part of the article “The hidden dangers of our protection technology PART 1: Understanding Threat Mechanics” click here.