The underestimated impact of enterprise cyberattacks on individual consumers

According to Check Point Research, cyberattacks on organisations increased by 50 per cent globally and 71 per cent in the UAE in 2021 compared to 2020. But what exactly makes the UAE so appealing to cybercriminals? The answer is more or less profound: the UAE is leading the Arab world in digital transformation and has established itself as one of the most tech-savvy nations. With an impressively advanced digital economy and large digital consumer footprints containing vast amounts of personal information, it makes perfect sense that the UAE has drawn the attention of cybercriminals.

When it comes to cyberattacks, the bad guys do not only go for the money
For example, Spinneys’ ransomware assault, which caused shop openings to be delayed on July 16, 2022, was one of the latest incidents to grab regional attention. The attack probably cost the supermarket chain a hefty ransom to recover encrypted data. Unfortunately, a ransomware cyberattack has far-reaching effects on a brand. In addition to the brand’s reputation taking a hit, the organisation might face regulatory fines if sensitive consumer data is compromised during the attack. Spinneys confirmed that a data breach had indeed occurred.

Kaspersky’s annual IT Security Economics report revealed that the average financial impact of any cyberattack reached $686k in 2021. This shows that businesses must consider cybersecurity risks arising from outside their organisation as well.

Individual consumers: the next target
This is where the plot thickens. The stolen data, which is likely to include personal information relating to consumers, is utilised later to undertake phishing attacks on individuals in the region, resulting in identity theft and even identity fraud. Kaspersky’s research showed that phishing attacks and social engineering targeting individuals had increased by an alarming 230 per cent in the UAE in Q2 2022 compared to the previous quarter. More precisely, the company’s security solutions have detected almost 3.5 million phishing attacks. During the same period, the entire Middle East region saw a 159 per cent rise in cyberattacks related to data loss threats. Cybercriminals deploy a variety of social engineering and phishing tricks to extract valuable personal information, such as payment card details or web/mobile banking credentials, from unsuspecting users. Obviously, the attackers may now be far more convincing to their victims, thanks to the stolen personal data.

Identity protection is the easy way
While organisations continue to tackle these issues by investing in customer protection technologies, more has to be done. The personal information of an individual is becoming increasingly valuable, and cybercriminals are always searching for new ways to access customer data. Therefore, it is equally important for individuals to consider how they can secure their data.

In this era of heightened cybersecurity awareness, organisations that provide identity protection build loyalty and drive customer advocacy. Offering a personal protection solution may help brands differentiate from the competition by raising awareness of cybersecurity risks and demonstrating their support to their valued customers.

Steven Cunnington is the global lead for Identity Assistance Solutions at Collinson

Read: Why diversity is vital for a strong cybersecurity team