CybersecurityCyber incidents doubled in 2017

Published 29 January 2018

The Online Trust Alliance (OTA) has just released its Cyber Incident & Breach Trends Report. OTA’s annual analysis found that cyber incidents targeting businesses nearly doubled from 82,000 in 2016 to 159,700 in 2017. Since the majority of cyber incidents are never reported, OTA believes the actual number in 2017 could easily exceed 350,000. The report analyzes data breaches, ransomware targeting businesses, business email compromise (BEC), distributed denial of service attacks (DDoS), and takeover of critical infrastructure and physical systems over the course of a year.

Cyber incidents continued to rise in 2017 // Source: theconversation.com

The Online Trust Alliance (OTA), an Internet Society initiative with the mission to enhance online trust, has just released its Cyber Incident & Breach Trends Report. OTA’s annual analysis found that cyber incidents targeting businesses nearly doubled from 82,000 in 2016 to 159,700 in 2017. Since the majority of cyber incidents are never reported, OTA believes the actual number in 2017 could easily exceed 350,000.

In the report, OTA analyzes data breaches, ransomware targeting businesses, business email compromise (BEC), distributed denial of service attacks (DDoS), and takeover of critical infrastructure and physical systems over the course of a year. It highlights the Internet Society’s concerns around how large-scale data breaches, uncertainties about how data is being used, cybercrime and other online threats are impacting Internet users’ trust in the Internet.

“Surprising no one, 2017 marked another ‘worst year ever’ in data breaches and cyber incidents around the world,” said Jeff Wilbur, director of the OTA initiative at the Internet Society. “This year’s big increase in cyberattacks can be attributed to the skyrocketing instances of ransomware and the bold new methods of criminals using this attack.”

OTA says that it found that in 2017 there were 134,000 ransomware attacks on businesses, nearly doubling that of 2016. In mid-2017 another type of ransomware attack emerged—the ransom denial-of-service attack (RDoS). In this attack, criminals send an email to domain owners threatening a DDoS attack that will make a website inoperable unless a ransom (usually via Bitcoin) is paid. OTA recommends proactive planning for crisis management, forensics specialists and law enforcement, and suggests that organizations be prepared by setting up a Bitcoin wallet in the event ransom payment is deemed necessary for a given incident.

Breaches easily avoidable

As in past years, OTA found most breaches could have been easily prevented. It calculated that in 2017, 93 percent of all breaches could have been avoided had simple steps been taken such as regularly updating software, blocking fake email messages using email authentication and training people to recognize phishing attacks. Of the reported breaches in 2017, OTA found 52 percent were the result of actual hacks, 15 percent were due to lack of proper security software, 11 percent were due to physical skimming of credit cards, 11 percent were due to a lack of internal controls preventing employees’ negligent or malicious actions and eight percent were due to phishing attacks.

“Regular patching has always been a best practice and neglecting it is a known cause of many breaches, but this received special attention in 2017 in light of the Equifax breach,” said Wilbur. “In 2018 we expect patches to play an even more integral role due to the recently discovered Spectre and Meltdown vulnerabilities where nearly every computer chip manufactured in the last 20 years was found to contain fundamental security flaws.”

Methodology
OTA notes that it came to its conclusions in the report by tracking and analyzing threat intelligence data from multiple sources. These sources included but are not limited to Cybersecurity Ventures, the FBI, Malwarebytes, the Ponemon Institute, Proofpoint, Risk Based Security, Symantec and Verizon.

This report, released in recognition of Data Privacy & Protection Day on 28 January, is a precursor to OTA’s tenth annual Cyber Incident & Breach Response Guide, to be released in the coming months. The guide provides organizations with tools to enhance data protection, adopt responsible privacy practices and help to detect, mitigate and effectively respond to a cyber incident.