The Online Trust Alliance´s “Cyber Incident & Breach Trends Report” has revealed that 2017 was the “worst year ever” for cybersecurity attacks. The organization believes that, calculated using the number of reported violations, there were nearly twice as many cybersecurity incidents than in 2016.
The Online Trust Alliance´s “Cyber Incident & Breach Trends Report” encompasses more than a simple review of the previous year’s cybersecurity attacks. The organization looks into how the incidents happened in order to discover trends, and what could have been done to avoid the incidents so that businesses can adapt appropriate measures to secure themselves against future incidents.
The group believes that the report´’ headline figure of 159,700 cybersecurity incidents is a guesstimate calculated using the number of cyber incidents reported during the third quarter of 2017. As the report reveals, many incidents are not officially reported, and the correct figure could be much higher than this. However, using the same criteria, the group guesstimated the amount of cybersecurity incidents in 2016 at 82,000 – suggesting that there were nearly twice as many in 2017.
Cybersecurity Attack Trends
The noticeable trends in cybersecurity incidents outlined by the Online Trust Alliance will not be a shock to regular visitors to Network Security News. Ransomware campaigns saw the largest increase in numbers, but another style of ransom-based attack – the Ransom Denial-of-Service (RDoS) attack – was also seen as growing more popular among cybercriminals. In this style of attack, cybercriminals threaten a Dedicated Denial-of-Service (DDoS) attack unless there is an advance ransom payment made.
The group also referred to the fact that the new risk threats created by the growth in IoT devices, and an 85% rise in malicious email. The rise in malicious mail included a 90% growth in business-targeted ransomware and an increase in the number of BEC attacks. It was estimated there had been a four-fold rise in the amount of records breached in 2017 and an believed loss to US firmss of $1.6 billion due to BEC attacks filed to the FBI (since 2015).
Incidents Are Avoidable
Those with compiled the report argue that 93% of breaches could have been avoided with proper measures and due diligence. The key avoidable factors leading to incidents were the failure to constantly patch software weaknesses and implement appropriate controls to stop insider theft or the accidental exposure of confidential information. As most successful ransomware attacks are kicked off by malicious emails, the report suggests not enough is being completed to prevent spam and train users to identify phishing attacks.
Other areas referred to as being preventable causes of cybersecurity incidents included:
- The absence of an adequate risk assessment to incorporate internal and external partners, and third-party or cloud-based companies.
- Improperly configured servers and devices, and outdated operating systems and applications that no longer had valid support.
- The failure to adequately encrypt data and securely manage encryption keys. The absence of encryption led to a theft of data when devices and drives are lost, stolen or digitally hacked.
The “Cyber Incident & Breach Trends Report” does not reveal anything that most healthcare IT workers are not already knowledgeable of. However it does serve as a good summary of best practices businesses should implement to minimize the risk of cybersecurity incidents. One particularly relevant point made in the report stated that “security and privacy are not absolute and must evolve”. Businesses are advised to consistently review their processes for creating, maintaining and sending data, especially in light of evolving threats, latest technologies and new legislation.