Story image

Ransomware on the rise, creeping into business critical systems

10 Apr 2018

Despite many sources saying ransomware is in decline, a new report from Verizon has proven the malware is still the most prominent form of malicious software.

Not only that, but it’s also on the rise. Verizon’s 2018 Data Breach Investigations Report (DBIR) found ransomware in 39 percent of malware-related data breaches, which is more than double that of last year’s DBIR and accounts for more than 700 incidents.

The report found that attacks are now moving into business critical systems, encrypting file servers or databases to ultimately inflict more damage command more substantial ransom requests.

Humans continue to be a key weakness within enterprises, with employees still falling victim to social attacks.

Financial pretexting and phishing represent 98 percent of social incidents and 93 percent of all breaches investigated – with email continuing to be the main entry point (96 percent of cases). Companies are nearly three times more likely to get breached by social attacks than via actual vulnerabilities, emphasising the need for ongoing employee cybersecurity education.

The report found financial pretexting to be targeting HR specifically after increasing more than five times since the 2017 DBIR, with 88 of these incidents targeting HR staff to obtain personal data for the filing of fraudulent tax returns.

Verizon says a particular concerning statistic from the report is that four percent of people failed a phishing test for any given phishing campaign. This might sound miniscule, but a cybercriminals only needs one victim to get access into an organisation.

“Businesses find it difficult to keep abreast of the threat landscape, and continue to put themselves at risk by not adopting dynamic and proactive security strategies,” says Verizon Enterprise Solutions president George Fischer.

DDoS attacks are rampant and are often used as camouflage to hide other breaches in progress by being started, stopped and restarted.

Verizon found that most breaches were caused by hackers outside of organisations, with 72 percent of attacks perpetrated by outsiders, 27 percent involved internal actors, 2 percent involved partners and 2 percent featured multiple partners. Organised crime groups still account for 50 percent of all the attacks analysed.

“Ransomware remains a significant threat for companies of all sizes,” says Bryan Sartin, executive director security professional services, Verizon. “It is now the most prevalent form of malware, and its use has increased significantly over recent years,” says Verizon security professional services executive director.

“What is interesting to us is that businesses are still not investing in appropriate security strategies to combat ransomware, meaning they end up with no option but to pay the ransom – the cybercriminal is the only winner here! As an industry, we have to help our customers take a more proactive approach to their security.”

The report also analysed the biggest risks per industry, with some of the main industries including:

  • Education – Social engineering targeting personal information is high, which is then used for identity fraud. Highly sensitive research is also at risk, with 20 percent of attacks motivated by espionage. Eleven percent of attacks also have “fun” as the motive rather than financial gain.

  • Financial and insurance – Payment card skimmers installed on ATMs are still big business; however, we’re also now seeing a rise in “ATM jackpotting,” where fraudulently installed software or hardware instructs the ATMs to release large amounts of cash. DDoS attacks are also a threat.

  • Healthcare – This is the only industry where insider threats are greater than threats from the outside. Human error remains a major contributor to healthcare risks.

  • Information – DDoS attacks account for over half (56 percent) of the incidents within this sector.

  • Public sector – Cyber-espionage remains a major concern, with 43 percent of breaches being espionage motivated. However, it is not only state-secrets that are a target - personal data is also at risk.

Sixty-eight percent of breaches took months or longer to discover, even though 87 percent of the breaches examined had data compromised within minutes or less of the attack taking place, which is why Verizon says the time to act is now.

The attack surface: 2019's biggest security threat
As businesses expand, so does their attack surface – and that may be the biggest cybersecurity risk of them all, according to Aon’s 2019 Cyber Security Risk Report.
Opinion: Cybersecurity as a service answer to urgent change
Alan Calder believes a CSaaS model can enable a company to build a cyber resilience strategy in a coherent and consistent manner.
New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.