Digital technologies have increased more rapidly after the pandemic hit globally. More workers worldwide work remotely, and more businesses are starting to store their customers’ and companies’ data on the cloud.

Although cloud computing provides many benefits and advantages for businesses, there is also an increased risk of cyber crimes. Therefore, cyber security can’t be ignored because there are severe impacts on your business, such as:

1. Operational disruption

When a cyber threat occurs, it can lock the system so that employees can not access any important data. The types of operational disruption can be varied depending on its nature and scope, ranging from minor disruption to a halt in business operations. In addition, the work of the IT team will increase as they have to focus on finding the cause and repairing the system.

On 22 July 2021, Transnet, a large South African rail, port, and pipeline company, was attacked by hackers, and their official website was down, showing an error message. As a result, Transnet must suspend its operations in its major ports, such as Durban, Port Elizabeth, and Cape Town, for several days due to the disruption of its container terminals.

2. Increased costs 

Cyberattacks will create a large financial loss for businesses, especially if it has to pay ransoms and extra costs to repair the system. Hackers generally hunt the important company’s database so they can demand ransom after the data is taken. This is called ransomware. These days, ransomware attacks have increased globally because of Ransomware as a Service (RaaS). 

RaaS is an adoption of the Software as a Service (SaaS) business model because RaaS users don’t need to be skilled or experienced in coding. Hackers need to use the software tools that are provided by RaaS solutions. This development, of course, will increase the chance for a company to experience ransomware.

3. Reputational damage

Cyber threats can lead to a loss of customer trust, loyalty to a brand, decreased trust from shareholders, and the reputation of a company as a whole.

In 2013 and 2014, Yahoo experienced data breaches and was dubbed as one of the biggest security breaches in history because 3 billion accounts were stolen. As a result, Yahoo was required to pay a fine of US$55 million up to victims, US$24 million for two years of credit monitoring, up to US$30 million for legal fees and to US$8.5 million dollars for other expenses.

Yahoo, founded in 1995, had struggled for years to compete against other internet companies but failed, and its reputation shrank even more.

4. Lost revenue

One of the worst impacts of cyberattacks on digital business is a decline in revenue as customers become cautious about their data and move elsewhere to protect themselves.

One of the interesting cases is when Sony Pictures was attacked in 2014 while preparing to release “The Interview”, a film comedy that depicts an assassination attempt on North Korean leader Kim Jong Un.

Sony Pictures’ sensitive information, including embarrassing emails and performance evaluations of their staff, was stolen. Many believe North Korea was behind the attack, but they denied it. As a result, Sony Pictures did not release the film, which cost them US$30 million.

5. Stolen intellectual property

According to a Boston-based cybersecurity firm Cybereason, there’s a malicious cyber operation named Operation CuckooBees that exfiltrates hundreds of gigabytes of intellectual property and sensitive data, including blueprints, diagrams, formulas, and manufacturing-related documents from multiple companies in North America, Europ, and Asia.

The cybercriminals were focused on obtaining blueprints for cutting-edge technologies that were not yet patented.

6. Stolen personal data

Nowadays, data is being called a new source of oil, and unfortunately, cybercriminals understand it very well. Hackers will constantly try to find new ways to access confidential data such as patent data, products, employee data, and customer data.

In 2020, 91 million customer accounts and seven million merchant accounts of Tokopedia (the largest e-commerce in Indonesia) were hacked by Whysodank and sold on a dark web forum called EmpireMarket.

If that personal data falls into the wrong hands, this important data can be used to commit fraud and take over accounts on the internet.

7. Changed business practice

Today’s customers are more aware and concerned about how a company handles their security, especially the threat of data breaches and compromises. Also, legislative acts like GDPR (General Data Protection Regulation) in the European Union or PDPA (Personal Data Protection Act) in Singapore have been implemented.

Because of that, many companies have stopped storing customers’ personal data, such as credit card details and birth dates. Moreover, some companies altered their business practice by shutting down their online stores because of the concern of cyberattacks.

8. Lawsuit for damages

Every organisation now needs to pay more attention to cyber security because customers can do class-action lawsuits against companies that hurt them by the attack.

One of the examples is a lawsuit filed against Colonial Pipeline, a company that ran the network of fuel pipes serving much of the East Coast, USA. Due to a computer hack attack, the pipeline had been shut down, and panicked drivers were buying extra fuel, leading to a run on gas supplies.

Because of this, Colonial Pipeline consumers who are gas station owners not only lost sales and customers but also had to pay higher gas prices. So, they had no choice but to file a class action against the company. 

Previously, courts were reluctant to acknowledge that having personal data stolen from a company’s computer system could lead to actual harm.

However, after years of repeated hacks, more courts have begun to recognise that cyber attacks can hurt real people in real ways. Since ransomware attacks are growing, it means the potential for lawsuits will increase as well. And if lawyers can show that a company had some mistakes in protecting its system, victims will have a chance to sue. First came the ransomware attacks, and now came the lawsuits.

Final thoughts

Cybersecurity is no longer a “nice to have”, but it’s a “must have” for all types of businesses. No one can predict when or how they will experience a cyber attack, but we can strengthen vulnerable systems in advance. 

A cybercrime can make or break a company, depending on how prepared they are. Don’t be the one who regrets only after something bad happens because it will already be too late.

*This article has been published on e27.co on 28 Nov, 2022