Cybercriminals learning how to monetize millions of incidents, yet report finds 95 percent could have been avoided
�
SINGAPORE -�Media
OutReach�-�July 10,
2019 - The Internet Society's�Online Trust Alliance (OTA),�which identifies and promotes security and
privacy best practices that build consumer confidence in the Internet,
today released its Cyber Incident & Breach Trends
Report. The report found the financial impact of ransomware rose by
60%, losses from business email compromise (BEC) doubled, and cryptojacking
incidents more than tripled, all despite the fact that overall breaches and
exposed records were down in 2018. The data shows that cybercriminals are
getting better at monetizing their activities, with OTA estimating the more
than 2 million cyber incidents in 2018 resulted in over $45 billion in losses,
with the actual numbers expected to be much higher as many cyber incidents are
never reported.
�
"While it's tempting to celebrate a
decreasing number of breaches overall, the findings of our report are grim,"
said Jeff Wilbur, technical director of the Internet Society's Online Trust
Alliance. "The financial impact of cybercrime is up significantly and cyber
criminals are becoming more skilled at profiting from their attacks. So, while
there may be fewer data breaches, the number of cyber incidents and their
financial impact is far greater than we've seen in the past."
�
In the report, OTA noted a steep rise
in cyber incidents like supply chain attacks, Business Email Compromise (BEC)
and cryptojacking. Some attack types, such as ransomware, are not new but
continue to be lucrative for criminals. Others, such as cryptojacking, show
that criminals are shifting their focus to new targets. Some of the top trends
from the Cyber Incident & Breach Trends Report are listed below.
�
-������ Rise of Cryptocurrency Breeds New Cyber
Criminals
In conjunction with the increasing prevalence of cryptocurrency
comes the rise of cryptojacking, which tripled in 2018. This is a specific type
of attack aimed at hijacking devices to harness computer power at scale to
efficiently mine cryptocurrency. OTA believes these incidents are increasingly
attractive to criminals as they represent a direct path from infiltration to
income, and are difficult to detect.
-������ Deceptive Email
Though well-known as an attack vector, Business Email Compromise
(BEC) doubled in 2018, resulting in $1.3 billion in losses as employees were
deceived into sending funds or gift cards to attackers who use email to
impersonate vendors or executives.� Many
companies are reacting by clearly labeling all emails that originate outside
the organization's network.
�
-������ Attacks via Third Parties
Supply chain attacks -- wherein attackers infiltrate via
third-party website content, vendors' software or third-parties' credentials --
were not new in 2018 (similar past exploits include Target in 2013, CCleaner
and Not Petya in 2017), but they continue to proliferate and morph. The most
notable 2018 attack was Magecart, which infected the payment forms on more than
6,400 e-commerce sites worldwide. The OTA report compiled external sources that
estimated a 78% increase in these types of attacks in 2018, with two-thirds of
organizations having experienced an attack at an average cost of $1.1 million, and
estimates that half of all cyber attacks involve the supply chain.
�
-������ Governments Under Attack
While the
total number of ransomware attacks was down in 2018, the OTA report noted a
troubling rise in reported ransomware attacks against state and local
governments in 2018 and early 2019. Breaches targeting the cities of Baltimore
and Atlanta led to the disruption of many government services and the
rebuilding of entire network structures. Local governments are particularly
vulnerable given that they often rely on outdated technology and are running
old software and operating systems.
�
-������
Issues
in the Cloud
While also not new, 2018 brought a rash of sensitive data being
left open to the Internet due to misconfigured cloud services. Given the number
of businesses that rely on companies like Amazon, Google, and Microsoft for
some or all of their cloud needs, it is increasingly important to ensure cloud
storage is secure. The report noted that one common problem with cloud
computing isn't even a true "attack", but user error. Configuring data storage
correctly is the responsibility of the data's owner, not of the cloud service
and it's often improperly done.
�
-������ Credential
Stuffing Rises
OTA found an increase in credential stuffing in 2018, an attack
type that recently gained prominence. Given that there are now more than 2.2
billion breached credentials in play and users often rely on identical logins
across services, attackers are harnessing ultra-fast computers and known
username/password pairs or commonly used passwords to gain access directly to
accounts across a wide range of industries. Several high-profile attacks
occurred in 2018, and though many were initially believed to be breaches, they
turned out to be brute-force credential attacks.
�
Most Breaches Preventable
As in past years, OTA found most breaches
could have been easily prevented. It calculated that in 2018, 95 percent of all
breaches could have been avoided through simple and common-sense
approaches to improving security. The report provides a
checklist.
�
"Our report findings indicate that
cybercriminals are using their infiltration ability to focus on new, more
lucrative attacks," continued Wilbur. "Staying up-to-date on the latest
security safeguards and best practices is crucial to preventing attacks in the
future."
�
Methodology
OTA came to its conclusions in the report by tracking and
analyzing threat intelligence data from multiple sources. These sources included
but are not limited to Risk Based Security, Identity Theft Resource Center,
Privacy Rights Clearinghouse, DLA Piper, Symantec, the FBI, and more.
About OTA
The Internet Society's Online Trust Alliance (OTA)
identifies and promotes security and privacy best practices that build consumer
confidence in the Internet. Leading public and private organizations, vendors,
researchers, and policymakers contribute to and follow OTA's guidance to help
make online transactions safer and better protect users' data. The Internet Society
is a global nonprofit dedicated to ensuring an open, globally connected,
trustworthy, and secure Internet for everyone.