Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label American Enterprise Institute. Show all posts

AEI Reports: Threat Actors are Targeting High-profile Companies


According to an American Enterprise Institute (AEI) study, threat actors have been targeting high profile companies, that are exceptionally profitable, hold high value and have generous spending on advertisings, since year 1999.

FBI confirmed that the potential losses from cybercrime activities have increased to 48% last year, from a loss of $6.9 billion to $10.2 billion in 2021.

“Today’s cyber threats hit a wider array of victims and carry the potential for greater damage than ever before,” says Paul Abbate, FBI Deputy Director in a statement on Wednesday./ “The threats are evolving rapidly, and the stakes have never been higher[…]wreaking havoc on business operations,” he says.

According to the AEI researchers, who used "the most comprehensive dataset of publicly reported cyber events" for the time period under study, ransomware, malware, and distributed denial of service attacks do majorly harm company valuations by impeding IT systems, cutting off access to data, websites, and company services.

The researchers noted that several cyber-strikes may as well go unreported due to the high publicity cost.

“Our results show that firms suffer statistically and economically significant negative abnormal returns in response to the announcements of adverse cyber events,” they said.

Investors of the companies have turned to reacting faster than the cyberattack news, saying “Prices react more quickly in the later part of the [data] sample, implying that market participants have learned over time about the damage that such events can cause.”

According to the experts, the cost of cybercrime to targeted enterprises largely outweighs the harm done to other businesses and the whole economy.

The researchers also noted that companies with connections to the US government or the defense sector are particularly susceptible to cyber-strike. The target may become a “launching point for so-called ‘supply chain attacks,’ with the ultimate goal to breach government agencies or steal government secrets and government employee PII [personally identifiable information] data,” they said.

“This risk also increases in the amount of cash on a firm’s balance sheet — possibly due to a higher ability to make ransom payments — and in advertising spending — likely because consumer-facing firms also collect PII information on their customers,” added the researchers.

The researchers also noted that companies involved in critical infrastructure like water treatment, dams, nuclear power and other power grids “may be preemptively breached by nefarious actors such as terrorists or hostile nation-states intent on causing maximum disruption.”