Story image

Ransomware on the rise, creeping into business critical systems

10 Apr 2018

Despite many sources saying ransomware is in decline, a new report from Verizon has proven the malware is still the most prominent form of malicious software.

Not only that, but it’s also on the rise. Verizon’s 2018 Data Breach Investigations Report (DBIR) found ransomware in 39 percent of malware-related data breaches, which is more than double that of last year’s DBIR and accounts for more than 700 incidents.

The report found that attacks are now moving into business critical systems, encrypting file servers or databases to ultimately inflict more damage command more substantial ransom requests.

Humans continue to be a key weakness within enterprises, with employees still falling victim to social attacks.

Financial pretexting and phishing represent 98 percent of social incidents and 93 percent of all breaches investigated – with email continuing to be the main entry point (96 percent of cases). Companies are nearly three times more likely to get breached by social attacks than via actual vulnerabilities, emphasising the need for ongoing employee cybersecurity education.

The report found financial pretexting to be targeting HR specifically after increasing more than five times since the 2017 DBIR, with 88 of these incidents targeting HR staff to obtain personal data for the filing of fraudulent tax returns.

Verizon says a particular concerning statistic from the report is that four percent of people failed a phishing test for any given phishing campaign. This might sound miniscule, but a cybercriminals only needs one victim to get access into an organisation.

“Businesses find it difficult to keep abreast of the threat landscape, and continue to put themselves at risk by not adopting dynamic and proactive security strategies,” says Verizon Enterprise Solutions president George Fischer.

DDoS attacks are rampant and are often used as camouflage to hide other breaches in progress by being started, stopped and restarted.

Verizon found that most breaches were caused by hackers outside of organisations, with 72 percent of attacks perpetrated by outsiders, 27 percent involved internal actors, 2 percent involved partners and 2 percent featured multiple partners. Organised crime groups still account for 50 percent of all the attacks analysed.

“Ransomware remains a significant threat for companies of all sizes,” says Bryan Sartin, executive director security professional services, Verizon. “It is now the most prevalent form of malware, and its use has increased significantly over recent years,” says Verizon security professional services executive director.

“What is interesting to us is that businesses are still not investing in appropriate security strategies to combat ransomware, meaning they end up with no option but to pay the ransom – the cybercriminal is the only winner here! As an industry, we have to help our customers take a more proactive approach to their security.”

The report also analysed the biggest risks per industry, with some of the main industries including:

  • Education – Social engineering targeting personal information is high, which is then used for identity fraud. Highly sensitive research is also at risk, with 20 percent of attacks motivated by espionage. Eleven percent of attacks also have “fun” as the motive rather than financial gain.

  • Financial and insurance – Payment card skimmers installed on ATMs are still big business; however, we’re also now seeing a rise in “ATM jackpotting,” where fraudulently installed software or hardware instructs the ATMs to release large amounts of cash. DDoS attacks are also a threat.

  • Healthcare – This is the only industry where insider threats are greater than threats from the outside. Human error remains a major contributor to healthcare risks.

  • Information – DDoS attacks account for over half (56 percent) of the incidents within this sector.

  • Public sector – Cyber-espionage remains a major concern, with 43 percent of breaches being espionage motivated. However, it is not only state-secrets that are a target - personal data is also at risk.

Sixty-eight percent of breaches took months or longer to discover, even though 87 percent of the breaches examined had data compromised within minutes or less of the attack taking place, which is why Verizon says the time to act is now.

Thycotic debunks top Privileged Access Management myths
Privileged Access encompasses access to computers, networks and network devices, software applications, digital documents and other digital assets.
Veeam reports double-digit Q1 growth
We are now focussed on an aggressive strategy to help businesses transition to cloud with Backup and Cloud Data Management solutions.
Paving the road to self-sovereign identity using blockchain
Internet users are often required to input personal information and highly-valuable data from contact numbers to email addresses to make use of the various platforms and services available online.
Tech Data to distribute Nutanix backup solution in A/NZ
Tech Data will distribute HYCU Data Protection for Nutanix backup and recovery software to their network of partners across Australia and New Zealand.
Veeam releases v3 of its MS Office backup solution
One of Veeam’s most popular solutions, Backup for Office 365, has been upgraded again with greater speed, security and analytics.
Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach
Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.
Safety solutions startup wins ‘radical generosity’ funding
Guardian Angel Security was one of five New Zealand businesses selected by 500 women (SheEO Activators) who contributed $1100 each.
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.