Ransomware and phishing remain the leading forms of attack, and non-targeted attacks are on the rise, a new report found.
When it comes to businesses, last year security provider, CyberScout’s clients experienced 176 reactive data breaches that had an impact on the personal information of 118,057 individual victims, according to the Intelligence Report: 2019 CyberScout Global Insights.
There was a sustained increase in non-targeted cyber attacks last year, the report said. Small and midsized enterprises (SMEs) have been the most frequent victims of these attacks. In non-targeted attacks, cyber criminals have not studied and stalked the potential target business.
Instead, they exploit known vulnerabilities in a software application commonly used in businesses. The attacker runs the exploit against a broad range of IP addresses, identifying enterprises that are susceptible. With an inventory of potential targets, cyber criminals then launch ransomware and malware attacks, the report said.
“Nearly 70 percent of the incidents CyberScout deals with are related to human error of some description,” said Tom Spier, commercial director of global markets at CyberScout. “Someone has clicked on a link, downloaded something they should not have, or visited a counterfeit website. If you can educate people into changing those small behaviors, that makes a huge difference.”
Sometimes, a sophisticated cyber attack is not necessary for identity thieves to obtain valuable personal information. When businesses improperly dispose of paper records or old hard drives, employee or customer information ends up easily exposed. Fortunately, CyberScout found a decrease in this type of data privacy incident, as companies have gained awareness of the danger and found affordable third-party disposal services.
For the past several years, businesses have seen the threat of ransomware rising. Unfortunately, businesses can expect to see the trend continue this year, the report said. Ransomware has become an everyday situation for businesses of all sizes. It can be particularly devastating for smaller businesses that may lack IT resources and effective cybersecurity processes and tools.
The trend CyberScout found in ransomware is it is creating more damage than serving as an effective means of extortion.
There are several reasons behind this trend. First, ransomware tools have become democratized. Extortionists no longer need be hackers in order to purchase the code and launch a ransomware campaign. Consequently, attackers fail to collect any ransom money through sheer ineptitude and lack of coding skills. That doesn’t stop them from destroying enterprise data with their failed attempts.
Government bad actors also use ransomware to attack intended target nations or geographical regions. Ransomware rarely remains geographically contained in a world of digital business, ubiquitous mobile devices and globalized commerce. Once loosed, ransomware can explode and spread erratically blasting untargeted nations, industries and businesses with “cyber shrapnel.”
One perfect case in point was the Not.Petya ransomware that Russia targeted against the Ukrainian power grid in 2017. Before it was over, Russian oil companies and utilities became collateral damage due to ‘friendly fire.’
For the past decade, cybercriminals have focused their activities on stealing data — particularly lucrative corporate secrets and the personal identifying and financial data of individuals. Early on, data breaches were sophisticated operations pulled off by highly skilled hackers. Today, hacking tools and malware are commoditized, and tens of thousands of cyber criminals are having varying degrees of success bombarding the world with ransomware, phishing emails, and other attacks.
In ransomware, thieves extort a business for ransom by locking up enterprise data. What if the systems didn’t lock up and all that was stolen was a portion of the computing power on a corporate network or in a multitude of private homes? Crypto mining requires huge computing capacity and generates very large electricity bills. If criminals could mine using the infrastructure and utilities of a distributed network of computers, any resulting cryptocurrency obtained would be pure profit.
In businesses with hundreds or thousands of individual PCs and laptops, the resulting loss of computing power and productivity—in aggregate—could negatively impact the bottom line. Yet, the typical business computer users and individuals would probably never notice a slowdown. In most cases, only gamers, graphics designers and other extreme users might notice.
“Over the next three to four years, I think we will see savvy thieves move away from locking up your data and instead co-opt your computing power to conduct criminal activities,” said Eduard Goodman, chief privacy officer at CyberScout. “They will steal your infrastructure and electricity to mine cryptocurrency or launch cyber attacks.”