Cyber attacks pose a huge risk to companies. Ransomware attacks, in particular, are on the rise. As well as phishing, attackers are increasingly making use of software weaknesses to penetrate networks, steal data and then encrypt it. Another consequence is blackmail, where attackers threaten to publish stolen data. The CrowdStrike 2024 Global Threat Report*), for example, shows that attackers are becoming increasingly quick and inconspicuous.

The risks are therefore wide-ranging, and extend far beyond a network simply being paralysed by a virus. Companies that do not protect themselves sufficiently risk massive damage to not only their data but also their operations and their reputation. The loss of reputation that companies suffer in cases such as this can have a long-term impact on client relationships and business partnerships. Attacks on corporate data that go beyond simple encryption are particularly critical.

How hackers circumvent companies’ security mechanisms

Evasion tactics are techniques that attackers use to circumvent security mechanisms and checks and to penetrate networks and systems unnoticed. These tactics include a variety of methods, such as hiding malware, exploiting zero-day weaknesses or encrypting data traffic to avoid being detected by intrusion detection systems (IDS) or intrusion prevention systems (IPS). Failing to update applications and operating systems creates significant entry points for attackers.

Neglecting software patches can lead to significant costs, often exceeding the expense of regular maintenance and updates. In an increasingly networked and digitalised world, unpatched security flaws create a greater risk of cyber attacks, data theft and business interruptions. Companies that fail to update their software regularly risk not only financial losses but also huge damage to their reputations.

Unpatched software can be expensive

The first critical aspect is the direct costs that can arise from unpatched weaknesses. Hackers use known weaknesses to penetrate systems and steal sensitive data, install ransomware or perform other malicious activities. These attacks can endanger the integrity and availability of data and services and cause downtime. The resulting loss of revenue and the cost of repairing the damage will often exceed the investment that would have been required to install patches in the first place. Companies that fall victim to such attacks often also have to pay out large sums in fines or for legal proceedings if data protection regulations are violated.

Outdated and unpatched software scuppers companies

As well as the direct financial implications, there are also hidden costs. Neglecting patches can also impair system performance. Faulty or outdated software not only impairs efficiency – it also increases maintenance costs. Administrators have to use additional time and resources to fix problems that could have been avoided by installing updates. In addition, older systems often have to be monitored and maintained manually, as they are more vulnerable to crashing or being incompatible with newer technologies.

Reputational damage is another consequence of neglecting software patches. Clients and business partners quickly lose trust in companies whose systems are not sufficiently protected. A security incident that becomes public can cause lasting damage to a company’s reputation. In many cases, clients will opt for competitors that take IT security more seriously, creating long-term sales losses and impairing market position. 

The 2024 CrowdStrike incident highlighted issues with outdated systems

A faulty update to CrowdStrike’s security software in mid-July 2024 put nearly nine million Windows PCs across the globe – including the Delta Airlines systems – into a continuous loop. According to Microsoft, Delta relies on outdated operating systems and network architectures that are no longer optimally designed for the seamless integration of cloud-based security solutions. This makes it difficult for modern security measures to be implemented, as well as leaving the company more vulnerable to attacks and technical problems.

Reliance on legacy systems is a particularly major challenge in the context of the modern threat landscape. Microsoft argues that if Delta had modernised their IT infrastructure, they would have been able to deal with the incident more quickly or even prevent it. Legacy systems are often difficult to patch, and security solutions need to take account of compatibility issues that can adversely affect the effectiveness of security measures.

Delta’s decision not to invest in modernising IT despite the growing cyber risks is viewed as a crucial factor behind the incident. Another critical point was the lack of redundancy in Delta’s systems. Whilst many modern companies use hybrid cloud solutions to ensure reliability, Delta remains heavily reliant on local infrastructure. This outdated architecture makes it more difficult to react quickly to interruptions or automatically restore systems.

The Delta Airlines incident shows that neglecting IT infrastructure can not only cause business interruptions but also limit a company’s ability to react efficiently to unforeseen problems, even when working in conjunction with leading security providers. Microsoft’s criticism emphasises the importance of ongoing IT modernisation in order to keep up with a growing threat landscape and keep reliance on third-party providers at a safe level.

Another factor is the regulatory impact. Many sectors have strict regulations governing IT security and data protection. If systems breach these regulations by not being fully up to date, this can be punished with significant fines. The regulatory authorities are increasingly imposing sanctions against companies that do not meet their cybersecurity obligations.

The role of incident response strategies and internal IT skills

One aspect of particular consequence in the Delta Airlines incident is the company’s insufficient incident response strategy. Whilst external security solutions such as those provided by CrowdStrike play a crucial role, this incident showed that Delta was not sufficiently prepared internally for IT crisis situations. Modern incident response strategies require not only close collaboration with external partners, but also well-trained internal teams able to quickly analyse outages and take countermeasures, including with regard to updates. It was reported that during the incident, Delta only had limited opportunities to remedy the problem immediately, as both staffing and processes were based on outdated technologies.

The latest developments in the IT security sector focus heavily on combining sophisticated external threat detection with internal skills to enable a quick reaction time. Companies that rely entirely on third-party providers without correspondingly developing their own security and IT departments risk a delayed response in the event of an attack or a technical fault. As well as increasing downtime, this can also heighten the impact on business operations, as the Delta Airlines case demonstrated. One of the most important lessons to learn from this incident, therefore, is the need to continually improve internal skills in the fields of threat analysis, troubleshooting and crisis management.

The long-term costs of technical debt caused by neglecting software packages

One key but frequently overlooked aspect of neglecting software packages is the ‘technical debt’ that builds up in IT systems over the long term. Technical debt is created when companies postpone necessary updates and maintenance, making their IT infrastructure increasingly outdated and more difficult to manage. This increases not only the immediate security risk, but also operational costs. Continually neglecting patches results in an increasingly complex and fragile system landscape that becomes more and more difficult to patch without causing incompatibilities or downtime.

In the long term, companies need to make significant investments to settle this debt. These include replacing outdated systems with new technologies and the rising costs of specialist IT staff to maintain outdated systems. In addition, a company’s agility is impaired, as outdated software makes new business solutions harder to implement and adversely affects the company’s ability to respond to market changes. In many cases, the cumulative cost of the major infrastructure projects needed to dismantle technical legacy systems exceeds the short-term savings made by postponing patches.

*) The CrowdStrike 2024 Global Threat Report
