Directive Blogs
Where We Stand: 2017’s Cybersecurity in Review (So Far)
After a year like 2016, it should come as no surprise that 2017 has been a year of significant cyber threats. Looking back on the events of the year so far may help us to anticipate what kind of threats we can anticipate in the second half of 2017.
The Who, and the Why
First, it is important to understand who is responsible for these cyber threats. Largely thanks to modern media, the term ‘hacker’ likely brings up thoughts of rogue cyber criminals and political groups, and less likely thoughts of someone who works in some other department copying company files over to a personal drive. While the threat that the second group presents (especially to businesses) should not be underestimated, there is some evidence that this focus outside may be advisable--three-quarters of all breaches were the result of outsider activities.
Less surprising are the motives behind most recorded cyber crimes. A recorded 66 percent of attacks were financially motivated, which is in line with some of the other patterns that analysis uncovered.
Threats and Attack Vectors
Mobile malware -- First in our review were the variety of malwares that strike against mobile devices. In Q4 of last year, only one Android malware family had reached the top ranks of malware samples. However, Q1 of this year saw three reach the top.
Moreover, Android malware went from representing 1.7 percent of malware in Q4, to 8.7 percent in Q1 (although some of this can be attributed to a decrease in the volume of the total malware). Despite this, mobile malware infections increased in all regions (with exception to the Middle East) at a rate that has some statistic significance.
Ransomware -- Unfortunately, no rundown of the biggest cybersecurity threats of today would be complete without mentioning ransomware. Possibly one of the most mean-spirited methods of attack available to a cyber criminal today, this variety of malware infamously encrypts its victim’s systems before demanding payment for them to be decrypted.
What’s worse, some ransomware developers began to offer their products through the “as-a-service” model. 72 percent of all malware incidents that affected the healthcare industry were the result of ransomware. The variety of ransomware in the wild rose throughout 2015 and 2016, before suddenly dropping by 70% due to fewer generic ransomware detections and the efforts of the security industry as a whole. Nevertheless, close to 10 percent of firms reported ransomware and related activities in Q1 of this year, and this was before the worldwide spread of WannaCry.
Phishing Attacks -- Phishing also continued to prove itself an effective method against targeted users. The act of manipulating a user into acting against their own interest via a convincing message, phishing has been successfully used to install unwanted software on a victim’s systems, steal data, and much more. Out of around 1,600 recorded incidents and 800 recorded breaches, phishing was present in some way in over 90% of both.
Consistent with findings from last year, successful phishing attacks were incredibly likely to include an unwanted installation of software. This year, 95 percent of successful phishing attempts led to some sort of software being installed on the victim’s systems.
The What (To Do)
Putting it very simply, the best thing that companies can do moving forward is to take their cybersecurity seriously. Many attack vectors that cyber criminals rely upon can be avoided with some caution on the part of your users. Education and enforcement of the guidelines you hold your organization to are key to keeping yourself safe from threats like the ones described here, and others.
Keep reading our blog to learn more about your IT, and reach out to us to find out how we can also help you stay safe from these kinds of threats. Give us a call at 607.433.2200 today.