2017 stunned the online world as the year of the largest ransomware attack ever with WannaCry and the data breach at Equifax that compromised the personal information of almost half of the American population. The beginning of 2018 revealed the vulnerabilities of Meltdown and Spectre which poses a threat to every device and operating system anywhere in the world.
With cyber attacks increasing in numbers, and growing in prominence from devastating online businesses to allegedly affecting political elections, cybercrime is a growing threat. The good news for IT and security professionals is that the situation is far from hopeless. By analyzing and understanding the current trends and staying as proactive as possible on current threats, they have a solid chance of effectively dealing with the online challenges and threats they face. It can start with a proper cybersecurity employee security awareness training program.
Most Cyber Attacks are Aimed at Small to Medium Business
An estimated 75% of cyber attacks are aimed at small and medium businesses as opposed to large ones. According to the SonicWall Annual Threat report, this statistic is only expected to rise. Smaller businesses often don’t have the budget for stronger security measures or services and it leaves them more vulnerable to attack.
Most Understand Phishing But More Than Half Click on Risky Links Anyway
Ransomware is commonly delivered via phishing emails and almost 80% of internet users claim to understand the threat of unknown links in such emails. What’s baffling is that 56% of the same group tend to click on these links anyway. There are a variety of reason as to why but the simple truth is that phishing is one of the biggest cybersecurity threats facing businesses of all sizes. All it takes is for one employee to click on a link in a phishing email and a hacker has a way into the data on their device and a path into the network of the business.
Hackers Hiding in Networks
According to Microsoft, the average hacker dwells for about 146 days within a network before they are discovered. That means the hacker has roughly 5 months to harvest sensitive information, documents, and to discern vulnerabilities. It should also be remembered that the individual hackers aren’t programs or machines, but human and therefore unpredictable.
Mobile Malware is on the Rise
Mobile malware variants have increased a stunning 54% according to Symantec who blocked 24,000 mobile attacks every day of 2017. While keeping device operating systems updated would prevent many of these attacks, only about 20% of Android devices were running the latest version of their OS. Grayware apps also pose a threat because many of them leak the device’s phone number. It comes down to users making poor choices about which apps they allow to see and transfer their personal information.
Attacks With Fileless Techniques
One significant new trend is a change in the execution of the attacks as they shift away from using .exe (executable files) that are normally used to deploy malware. The change poses a huge threat to commonly used security solutions like antivirus which are programmed to look for .exe files.
There’s confusion because the attacks are described as “fileless” but normally other types of files are involved at different points of the strike. What’s alarming is that tools exist for these types of attacks that make it increasingly easy for those with little technical expertise to execute them. In many cases, they are able to bypass traditional security measures so they are increasingly successful. In 2017, 77% of attacks against businesses and organizations involved this delivery method according to a study by the Ponemon Institute.
Ransomware Declining While Cryptomining Malware Rises
Ransomware attacks dominated as the top threat for two years leading into the second half of 2017. According to Malware Bytes, during the first six months of 2017, 7 out of 10 attacks on companies who had malware infections turned out to be ransomware.
And then with no explanation, it stopped. As of July 2017, ransomware attacks dropped to 30% and by December it inexplicably dropped to being used in only 5% of all attacks. And during this time cryptocurrency-mining malware began to increase.
Many experts agreed that by the time Wannacry infected so many computers in May 2017, ransomware had reached the pinnacle of its journey as it had been one of the top growing security threats for years. While media was reporting on the impact of Wannacry and how far and quickly it spread, it didn’t report much about the fact that few victims were actually paying the ransoms. In the end, the attackers made $143,000 from the entire event.
In the meantime, Cryptocurrency-mining malware has proven to be a quicker way to get money by hijacking a victim’s CPU power to mine cryptocurrency directly without them even being aware of the theft. With this method, there are no potentially uncooperative victims to negotiate with. And it shows a quick shift back to malware that seeps into networks through any vulnerable points.
Security Costs are Growing
At the end of the day, many businesses are struggling with the costs for what they need to keep themselves safe from cyber thieves. While many proactive antivirus vendors are adding additional features to help with the constantly changing landscape of cybersecurity, the need for more personnel to deal with the threats have left many businesses feeling as if they are fighting a losing battle.
Worldwide cybersecurity costs are estimated to reach $96 billion in 2018. With the high-profile attacks and data breaches of 2017, like Equifax, companies are aware of both the immediate and long-term consequences if they are compromised and are striving to do whatever they can to keep the unthinkable from happening.
Be Proactive, Not Reactive
The need to be proactive in watching for and effectively dealing with internal and external weaknesses needs to be a top priority for all businesses, regardless of their size. In studying cybersecurity stats, adjusting policies and practices as needed, and making no assumptions, companies will stand a better chance of dealing effectively with cybersecurity threats as opposed to being a victim of them.