sb-nz logo
Story image

Data is more valuable to cyber attackers than cash - report

03 Apr 2020

Positive Technologies (PT) has today released a report, revealing a shift in motivations for attacks on individuals – data is now more desirable than direct financial gain.

Data theft was the goal of more than half of all attacks in 2019, according to PT. This is a 20 percentage point increase compared to 2018 when data theft was the goal of only 30% of incidents. 

Data theft was also the biggest driver for attacks on both individuals (57%) and organizations (60%) in 2019. 

Personal data, login credentials and credit card details were more valuable to attackers in 2019 than direct acquirement of cash, indicating the strength of the black market trading in data.
 

Targeted attacks becoming more popular

The report also reveals that the percentage of targeted attacks is much greater than that of mass attacks.

According to the study, the number of unique cyberattacks increased by 19% year-on-year, and the percentage of targeted attacks increased by 5 percentage points compared to 2018, now standing at 60%. 

PT experts noted that the number of attacks increased every quarter. In Q1, 47% of attacks were targeted. At the end of the year, this figure had grown to 67%.

“The increase in targeted attacks is due to several reasons,” says Positive Technologies director of Expert Security Center Alexey Novikov.

“Every year we see new groups of attackers specialising in advanced persistent threats. During 2019, the PT ESC tracked APT attacks by 27 groups, ranging from well-known groups, such as Cobalt, Silence, and APT28, to relatively unknown newcomers. 

“Companies are paying closer attention to cybersecurity, and implementing and using special security tools (such as anti-APT solutions) to detect and prevent complex attacks. 

“This makes it easier to detect malicious activity more accurately and significantly reduces dwell time,” says Novikov.

“Because of this, information on individual incidents and particular tactics and tools used by different APT groups becomes public knowledge and can be used as intelligence to bolster countermeasures.”
 

Advances in malware prompt a shift in cybersecurity behaviour

Security teams should shift their attention from prevention of attacks in the perimeter to timely detection and response inside the network, says PT. 

Considering the increase of targeted attacks, threat actors are constantly evolving their tactics, and malware is becoming more complex. Bearing this is mind, PT experts predict that in the next few years, security will be centred around constant monitoring of security incidents, advanced network traffic analysis, and retrospective network events analysis.

Top targeted sectors were government, industrial, healthcare, science and education, and finance, according to the report.

Industrial companies accounted for 10% of attack targets, compared to just 4% in 2018.
 

Ransomware on the rise

In 2019, ransomware accounted for 31% of all infections, and the average ransom paid numbered in the hundreds of thousands of dollars. 

2019 also saw a shift in tactics used by ransomware perpetrators: if a ransomware victim refused to pay, malware operators threatened to disclose the data they copied before encrypting it. 

PT says it expects a new wave of ransomware attacks in 2020, in which hackers hold victim data hostage and disclose information of those who refuse to pay.

Story image
Protegrity rolls out updates to data protection platform
Protegrity has updated its Protegrity Data Protection Platform to better secure sensitive data in hybrid-cloud, multi-cloud and SaaS environments.More
Story image
Interview: How cyber hygiene supports security culture - ThreatQuotient
We spoke with ThreatQuotient’s APJC regional director Anthony Stitt to dig deeper into cyber hygiene, security culture, threat intelligence, and the tools that support them.More
Link image
The importance of data resilience in the current cybersecurity climate
Protecting an organisation's data is one of the most crucial functions of any CISO. Strategies should be in place where data is stored securely and cost-effectively.More
Story image
Video: 10 Minute IT Jams - Who is LogRhythm?
LogRhythm VP of sales for Asia Pacific Simon Howe, who discusses the company's primary offerings and services, what products the company is focused on for the future, and the infrastructure it has in the A/NZ market.More
Story image
How to secure your business against DDoS Attacks
With the upward trend of DDoS attacks this year, and an increased dependency on online channels across all industries, businesses need to be prepared, so they don’t suffer any disruption. More
Story image
New project development inhibited by cybersecurity, Kaspersky research states
"There are still some practical steps that can be taken to make sure that an emerging technology or a product reaches its launch. Cybersecurity doesn’t have to be another corporate barrier, but it should be on an integral part of the project all long."More