One of the most critical and costly threats to modern businesses is cyberattacks. Rapid digitalization, advancements in artificial intelligence (AI), increased dependence on technology, and rising global tensions have significantly increased the threat of cybercrime, making businesses more vulnerable than ever to acts of theft, breaches, and attacks.
In cyberattacks, threat actors gain unauthorized access to a network or digital system in an intentional attempt to steal, expose, or destroy data or other assets.
According to an IBM report, the global average cost of a data breach in 2024 increased 10% from the previous year to its highest total ever, $4.88 million. This includes the cost of discovering the violation and responding to it, downtime, lost revenue, and reputational damage to the business.
Attacks that compromise customers’ personally identifiable information (PII) can even lead to a loss of customer trust and legal action.
Some cyberattacks, such as ransomware, can actually be more costly than others. Overall, cybercrimes are projected to cost the world economy a whopping $10.5 trillion annually by 2025.
While the cybersecurity industry is always working to adapt to the latest threats, keeping up with the trends can be challenging. Bad actors, after all, use all sorts of tactics to gain unauthorized access to target systems.
Tactics Cyber Criminals Use to Threaten Modern Businesses
A look at the cyber incidents that have taken place over the years shows that no one is safe from cybercriminals. From high-tech companies and banks to government agencies and defense departments, cybercriminals have targeted them all.
Now, some of the most common types of cyber attacks include malware, which is malicious software such as a virus that takes advantage of a vulnerability to breach a network. For instance, by clicking on a dangerous link or email attachment, you can install bad software, which, once inside your system, blocks your access, installs additional harmful software, or covertly obtains sensitive information.
A type of sophisticated malware is ransomware that uses strong encryption to block access to certain files in a computer system until money is paid. Ransomware is increasingly becoming more expensive with the average ransom payment surging 500% to $2 million in 2024.
In DNS tunneling, malicious traffic is hidden inside DNS packets to allow it to bypass firewalls and other security measures. Domain name system (DNS) is used to translate a website’s domain name into an IP address. As such, companies with firewalls allow it to pass through the firewall, but of course, this creates an opening for cybercriminals. By encoding malicious data inside DNS queries to make it look like regular traffic, cybercriminals use this technique to silently extract data.
Then there are DDoS attacks that flood your systems with traffic to exhaust your resources.
Phishing is also a common one. In this type of social engineering attack, fraudulent communications take the appearance of a legitimate source to deceive the user into giving their personal or financial information to the attackers. Other types of phishing include spoofing, baiting, and whaling.
Social engineering is one of the most dangerous cybersecurity threats today, which relies on human error to breach a security system. Technological advances like Gen AI and deepfakes have made social engineering attacks more sophisticated and harmful.
Inside threats are another big one. In this type of cyber threat, the attacker is a person who works with the organization. The employee or contractor may deliberately use their access to steal sensitive information or may accidentally cause a security breach by, say, falling for a phishing scam.
Today, mobile devices have also become a huge risk. While miniature computers hold so much sensitive information, they don’t have the same security measures as other devices. Cyber criminals are also increasingly taking advantage of cloud vulnerabilities, the network of interconnected devices (IoT), poor data management, and bad cyber hygiene.
So, as we saw, cybercriminals have too many ways to attack businesses. And the bigger the organization, the better the target they make for cyber criminals. This requires companies to employ strong security measures and constantly update them to ensure the protection of their businesses and users.
Companies Standing Up to Cyber Criminals
The variety and sophistication of cyber attacks are getting more advanced each day, but some companies refuse to be intimidated. In fact, they have chosen to fight back rather than pay up. So, let’s see some notable names that took a strong stance against cyber criminals.
In May 2025, Coinbase, the largest cryptocurrency exchange in the US, reported an extortion attempt against the company and its users. But instead of giving in to the criminals and funding the criminal activity, the exchange has taken the route to punish the criminals, reinforce control, and reimburse customers.
According to the official announcement detailing the incident, criminals targeted a small group of its overseas support agents. They bribed the insiders to copy customer data with the intention to use the information to contact the exchange’s transacting users while pretending to be Coinbase and tricking them into handing over their crypto. According to Coinbase, which immediately fired those responsible:
“These insiders abused their access to customer support systems to steal the account data for a small subset of customers.”
The data compromised includes name, email, phone, address, government ID images, last four digits of social security, masked bank‑account numbers, bank account identifiers, and account data such as account balance and transaction records.
The criminals then tried to extort $20 million in exchange for not disclosing the data theft to the public. The demand was made by an unknown threat actor through an email, which claimed to have information about customer accounts as well as having some corporate data, as per the filing with the Securities and Exchange Commission (SEC).
Instead of funding criminal activity, Coinbase investigated the incident and is working with law enforcement to press charges and “pursue the harshest penalties possible.” It has also established a $20 million reward fund for information leading to the arrest and conviction of the attackers.
“We have notified and are working with the DOJ and other US and international law enforcement agencies and welcome law enforcement’s pursuit of criminal charges against these bad actors.”
– Coinbase’s Chief Legal Officer, Paul Grewal
Furthermore, the platform has established a new U.S.-based support hub and implemented stronger security measures.
First detected by the company independently earlier this year, Coinbase has already sent out notifications to the affected customers and promised to reimburse those who sent funds to the scammer as a result of the social engineering attacks.
As per Coinbase’s claims, less than 1% of its monthly transacting users are affected by the breach, and it is going to cost the company an estimated $180 million to $400 million to fix the issue.
While initially, the data breach disclosure affected company stocks negatively, their prices have since recovered completely. The $67.24 billion market cap company’s shares are trading around $267, up 6.32% YTD. It has an EPS (TTM) of 5.37, a P/E (TTM) of 49.17, and a ROE (TTM) is 15.83%.
Coinbase Global, Inc. (COIN -0.99%)
Financial-wise, Coinbase reported $2 bln in revenue and $66 million in net income for Q1 2025 and $9.9 billion in USD resources.
The global gaming and entertainment company was hit by a cyberattack in September 2023. The attack severely damaged MGM’s technology nationwide, but it refused to pay the ransom. As a result, MGM was forced to shut down its systems at several of its hotels and casinos.
The American hospitality company has resorts in China, Japan, and the United States, specifically in Las Vegas, Atlantic City, and Detroit. MGM reported that the attack had a “predominantly” negative impact on Las Vegas operations.
The attack sent resorts on the Las Vegas strip into complete chaos. From slot machines to escalators and hotel key cards, various systems took a hit during the attack. As a report taking a deep dive into the MGM hack quoted a customer as saying:
“I asked them how long this was gonna be, and they said it could be one day, it could be three weeks.”
Customer data stolen in the hack included names, phone numbers, driver’s license numbers, and date of birth. A “limited number” of customers also had their Social Security numbers and passport numbers stolen.
MGM didn’t report the exact number of people affected by the attack, but it did mention that hackers stole data from customers who transacted with it before March 2019.
Hackers, however, did not steal passwords, card details, or bank account numbers, announced MGM at the time. To those affected, it promised to give free credit monitoring and identity theft protection services.
The company reported spending under $10 million on “technology consulting services, legal fees and expenses of other third party advisors” related to the attack. A regulatory filing by the MGM, however, estimated that disruption from the attack, as well as efforts to resolve the issue, would cost MGM more than $100 million in total.
In the aftermath, multiple lawsuits were filed against MGM, and the U.S. Federal Trade Commission also launched a probe into the hack’s impact on its data security, which the company objected to by suing the FTC.
The regulator dropped all legal actions against MGM as a class action on behalf of breach victims, settling for $45 million. The Justice Department also brought charges against five people alleged to have been involved in the attack.
As for the market performance of MGM, it has been making a nice recovery over the last decade and a half. With a market cap of $9 billion, MGM shares are currently trading at $33.16, down 2.83% YTD, while having an EPS (TTM) of 2.23, a P/E (TTM) of 14.84, and a ROE (TTM) of 21.38%.
MGM Resorts International (MGM -2.29%)
Its financial performance reveals $4.28 bln revenue and $148.6 million net income for 1Q25 while having cash and cash equivalents of $2.27 billion.
The snack company Mondelez International’s sales, distribution, and financial networks were hit by the same malware that affected major organizations such as Rosneft, Nuance Communications, Reckitt Benckiser, AP Moller-Maersk, and Saint-Gobain, each of which lost hundreds of millions of dollars due to the cyberattack.
The malware responsible for this was NotPetya, which rendered about 1700 of Mondex’s servers and 24,000 of its laptops dysfunctional. This attack, which caused over $10 billion in global damages, encrypted victims’ machines and left a demand for a ransom payment. It was not designed to be decrypted, though.
The malware was introduced to the servers of M.E.Doc, a Ukrainian accounting software firm, and infected all the organizations that used its software, hence spreading all over the world.
The owner of U.K. chocolate maker Cadbury, Mondelez, estimated the cost of the attack at just over $150 million in lost sales and incremental expenses.
Late in 2018, Mondelez International filed a lawsuit against Zurich American Insurance Company after the latter rejected its $100 million insurance claim for damage caused by the malware.
The company had an insurance policy with Zurich for “all risks of physical loss or damage.” This included “physical loss or damage to electronic data, programs, or software, including physical loss or damage caused by the malicious introduction of a machine code or instruction…”
However, Zurich rejected Mondelez’s claims on the grounds of the standard ‘act of war’. NotPetya has been believed to be sourced by Russian state-affiliated actors, which Russia denied.
The battle between Zurick and Mondelez ran for several years before the two reached a settlement in October 2022, whose details were not disclosed.
Mondelez International, Inc. (MDLZ +0.23%)
The $85.6 billion market cap Mondelez, whose portfolio of brands includes Oreo, Ritz, Milka, Toblerone chocolate, and others, sells its products in over 150 countries. Its shares, as of writing this, are trading at $65.86, up 10.79% YTD. It has an EPS (TTM) of 2.69, a P/E (TTM) of 24.49, and an ROE (TTM) of 13.27%. A dividend yield of 2.85% is also offered.
Dubbed by the US government in 2018 as the “most destructive and costliest cyberattack in history,” NotPetya impacted companies in 65 countries. Among those impacted was FedEx’s European division, TNT Express, which it had acquired just the year before for $5 billion.
The shipping giant attributed a $300 million loss to the ransomware attack and didn’t have cybersecurity insurance in place, though having one didn’t do any good to Mondelez International. A FedEx executive, however, noted at the time that, as a result of the NotPetya attack, they are “re-examining the cyber-insurance market to determine if there is coverage we can develop that would add protection for our company at a reasonable price.”
In the immediate aftermath of being infected with the NotPetya ransomware virus, FedEx had to temporarily suspend its share trading because the Netherlands-based TNT Express was “significantly affected due to the infiltration of an information system virus.”
While TNT did resume its services, it wasn’t without consequences. As FedEx noted at the time, volume, revenue, and profits were all impacted.
While the company worked to restore its systems hit by the malware, with NotPetya being a wiper, which means no recovery, FedEx noted it to be “reasonably possible” that TNT doesn’t fully restore all affected systems and recover critical business data encrypted by the virus.
So, the company focused on rebuilding its “technical environment to be more resilient,” even those systems that were not affected.
Besides this major attack, FedEx itself has experienced several other disruptions over the years. Just a month before TNT was attacked by NotPetya, FedEx was attacked by the WannaCry virus, which spread to over 150 countries. Then, in July 2024, a global IT outage also affected its operations.
FedEx Corporation (FDX -2.2%)
The $53.27 billion market cap FedEX provides transportation, e-commerce, and business services through its efficient global network. And as of writing, FDX shares are trading at $222.45, down 20.64% YTD. Its EPS (TTM) is 15.93, P/E (TTM) is 13.97, and ROE (TTM) is 14.74% while offering a 2.48% dividend yield.
The company’s revenue actually grew 2% YoY to $22.2 billion despite “a very challenging operating environment, including a compressed peak season and severe weather events.”
The Switzerland-based Garmin is known for its GPS navigation devices and wearable technology for fitness, aviation, marine, automotive, and outdoor markets.
In 2020, the company suffered a ransomware attack, which caused it to shut down its website, call centres, and some online services. The company also chose to shut down all of its devices to prevent them from being encrypted.
The attack not only affected Garmin’s ability to receive any emails, calls, or online chats, but also its multiple flyGarmin services, which are used by aircraft pilots. The company established a “multi-day maintenance window” to deal with the attack’s impact while assuring its users that no personal identifying information (PII) was compromised.
This outage was caused by the ransomware strain called WastedLocker. This tool encrypts key information on the system and renders programs like user applications and customer support, in the case of Garmin, useless until decrypted.
WastedLocker has been linked to Evil Corp, a Russian hacking group, which the US Treasury Department sanctioned in 2019 for causing more than $100 million in financial damages using Dridex malware.
The hackers demanded a $10 million ransom from Garmin. Within four days of the attack, Garmin started restoring its services. Several reports, however, indicate that Garmin did pay the hackers, although no denial or confirmation came from the company itself.
Garmin Ltd. (GRMN -0.55%)
With a market cap of $39.2 billion, GRMN shares are trading at 203.58, down 1.18% YTD and about 17.4% from the peak it hit in February this year. The company’s stocks have been enjoying a massive upside over the past two and a half years. Now, its EPS (TTM) is 7.58, P/E (TTM) is 26.84, and ROE (TTM) is 19.04%, while a nice 1.77% dividend yield is also offered.
As for company financials, Garmin reported a record consolidated revenue of $1.54 billion and a record operating income of $333 million in Q1 2025. It also ended the quarter with $3.9 billion in cash and marketable securities.
Given the hyper digitized and connected world we live in, it’s a matter of when, and not if, businesses around the world face the danger of cyberattacks.
These attacks are also getting more sophisticated with cyber criminals utilizing advanced technology, making it increasingly challenging for businesses to decrypt them. And paying ransom is not always the smart choice. Fighting the attackers is also a viable choice as we saw with Coinbase, which chose to stand up rather than bow down to criminal demands.
But while paying a ransom makes one a high target for another attack, in some cases, it may also be the only way to get back access to the systems and protect your customers.
What companies need to do is invest sizable time and money into developing a holistic solution. This includes creating awareness about the risks, conducting employee training, keeping software, devices, and systems up to date, limiting administrative rights on computers, implementing a zero-trust strategy, and having data backups.
Being prepared for all eventualities is the only way to move forward in the digital world, where the stakes have simply never been higher!
Click here for a list of top cybersecurity stocks.