The COVID-19 pandemic has left a lasting imprint on the world, sparking a cascade of economic effects, not just over the past few years, but even more as a delayed aftermath. As a result, the world is expecting a major recession, and the situation is already causing individuals, organizations, and entire economies to face a multitude of challenges.
Today’s economic landscape can be characterized as volatile and unpredictable, and its shifts are more sudden than ever. Such a landscape is the perfect brewing ground for cybercriminal activities like data exfiltration and cyber attacks. For example, the FBI observed a 22.3% increase in reported criminal activity online between 2008 and 2009, which was the most recent period considered a global recession.
The unexpected aftermaths of global layoffs
As businesses struggle to adapt and survive in this difficult period, hard decisions, such as layoffs, have become commonplace. Many of the market’s biggest names, including Google, Meta, and Amazon, have let go of up to 20% of their workforce. While these names make the media headlines, smaller businesses are even worse off and often end up laying off half or more of their personnel to stay afloat. Even more concerning is the fact that the high-tech industry is being impacted most, with highly skilled roles such as software engineers that were previously thought to be safe.
Faced with potential layoffs at any time, most employees in the private sector are under a lot of stress. Job insecurity, loss of healthcare benefits, and the difficulty in finding new positions lead many to financial problems, especially since the cost of living is rising as well, and many individuals simply can’t afford to save money for difficult times, especially in the last few years. This can lead desperate people to turn into malicious actors to consider getting into activities bordering on illegal or even openly unlawful, with data exfiltration emerging as a particularly significant issue impacting an organization’s security controls and data privacy.
The temptation of the dark side
Even without substantial technological expertise or access to the dark web, an employee who has been laid off or is anxious about a possible layoff may seek many ways to benefit from obtaining sensitive data from an organization’s network. These insider threats, including selling stolen sensitive information from the endpoint to competitor companies or individuals seeking a competitive advantage, are one approach. Valuable data, such as trade secrets or personally identifiable information (PII), might command a high price. Another avenue would be to use blackmail or extortion to demand a ransom. In such a situation, the employee may benefit by using the employer’s fear of reputational harm or legal repercussions. While these actions sound extreme and unlikely, the risk of threat actors having to resort to data exfiltration attacks, bypassing security policies and permissions, to keep their homes and support their families is now higher than ever.
Laid-off IT specialists who are struggling to find work in a competitive job market may also be tempted or tricked into collaborating with criminal organizations. These organizations are frequently looking for professionals who can better their cyber attacks, notably in areas such as social engineering, ransomware attacks, scam app development, and malware generation. This partnership between laid-off IT employees and criminal organizations may further increase the risk of data exfiltration because their involvement in designing advanced attack techniques and malware allows for unauthorized access to important information that most incident response or network security teams can’t anticipate.
The political motivations for the theft of data
As parts of the Western world face difficult times, antagonistic countries, through hackers, have an opportunity to gain a political edge by taking advantage of organization’s vulnerabilities and lack of threat intelligence. The current turbulent political environment, aggravated by the war in Ukraine, creates a situation in which certain political players may want to weaken Western countries by focusing on their economies through tactics such as electronic warfare and cyber threats. Personal data theft, particularly from those in significant economic or political positions, can be used by antagonists to advance hostile actions such as identity theft.
Worse, these political moves occur at a difficult time for Western organizations, when they are coping with the aforementioned layoffs, which disrupt company operations, including risk management, and affect security measures. Unfortunately, some organizations lay off employees without adequate consideration, focusing on high earners, and resulting in the loss of top professionals and the retention of inexperienced and unskilled workers. This self-inflicted damage makes businesses more vulnerable to data exfiltration and insider threats as well as security breaches. In the end, inadequately executed layoffs can potentially cause more harm than good by undermining the company’s security posture, making it a perfect target for professional criminals such as those employed for electronic warfare purposes.
The wrong cuts in the wrong places
In their quest to cut costs, companies today may consider certain operational areas, such as information security, to be non-essential to their core operations and therefore a good place for the reduction of investments. Of course, many organizations must meet compliance criteria, and therefore cannot completely look away from data security, but they can keep these investments to a bare minimum. While this guarantees that systems meet mandated standards, it might leave organizations unprotected from cyber threats and malicious insiders.
Just like in the case of employee layoffs, businesses try to make the right cuts in the right places, and unfortunately often fail in that task. All it takes for trouble to start brewing is one bad decision, often left to someone who does not possess the necessary knowledge to know which cuts should be avoided. The result could be, for example, a decision to keep ineffective, low-impact security solutions while suspending or not investing in ones that can truly make a difference. To stay safe, businesses should now prioritize security solutions that mitigate the most important risk: data exfiltration. While it is sensible to be cautious with budget allocation, data loss prevention (DLP) software, as the most potent defense against data breaches and data leakage, should not be overlooked or deprioritized.
The solution to today’s data exfiltration risks: DLP
DLP emerges as the best approach for thoroughly addressing current challenges. It effectively combats internal threats and enables data exfiltration prevention, such as disgruntled employees or those inadvertently retaining access after layoffs, through device control and USB encryption. It also helps and supports the mitigation of the increasing scope of phishing attacks and other security threats, which can significantly impact less-experienced employees such as those not affected by layoffs due to their lower-income positions. In the end, if cybersecurity cuts are needed to stay afloat, DLP should be the last to be considered simply because it provides the most immediate return on investment in preventing security risks and enforcing data protection.
Download our free ebook on
Data Loss Prevention Best Practices
Helping IT Managers, IT Administrators and data security staff understand the concept and purpose of DLP and how to easily implement it.