All You Need to Know: Takeaways from Key Cyber Report
Small businesses are the major prize for cybercriminals- accounting for nearly half of the recorded breaches; read on to the end to find out the best practices for staying safe, and your data untouched.
Last week, we reported on a study from Verizon with wide-scale ramifications for organisations everywhere. The report was compiled through thorough analysis of 41,686 ‘security incidents’, of which 2,013 were confirmed data breaches from 73 separate data sources where a third-party was able to access the data lurking inside an organisation’s network. It took account of data from both public and private entities across 86 countries, meaning it is one of the most wide-sprawling and accurate depictions of the state of data protection in recent months.
It’s a wide-sprawling and dense report, so we figured we’d give you the key takeaways from the report right here. As the authors note, “no matter what defensive measures security professionals put in place, attackers are able to circumvent them.”
“No organisation is too large or too small to fall victim to a data breach.”
“Having a sound understanding of the threats you and your peer organizations face, how they have evolved over time and which tactics are most likely to be utilized can prepare you to manage these risks more effectively and efficiently.”
Of all recorded breaches in the report, small businesses were by far the biggest target for cyber criminals, according for 43% of all recorded breaches. The public sector took second place with 16%, healthcare organisations with 15%, while financial services accounted for 10% of breach victims.
-In terms of who was behind the attack, 69% of perpetrators were from outside the organisation, while interestingly, 34% involved in ‘inside actor’; organised criminal groups accounted for 39%.
Mid-level executives are 12-times more likely to be the target of social incidents, and nine-times more likely to be the target of social breaches than in previous years, according to the report. “To further underline the growth of financial social engineering attacks, both security incidents and data breaches that compromised executives rose from single digits to dozens,” according to the report.
-Ransomware attacks are on the rise, and account for just under a quarter (24%) of all incidents where malware was used. Ransomware has become somewhat of a go-to for hackers, as they recognise the captured data is precious to an organisation, and many executives will pay a price to keep the damage - and news of the breach - under wraps from stakeholders.
-Attacks on cloud databases continue to soar. More and more companies are moving their physical infrastructure, email and data storage to cloud providers, which often provide an economic incentive for organisations to make the switch. There is a tradeoff, however. Cybercriminals are doubling-down on their efforts to compromise cloud servers even from some of the world’s largest providers. The authors of the report note that “criminals simply shift their focus and adapt their tactics to local and steal the data they find to be of the most value.” There has been an observed rise in the number of attacks targeting cloud-based email servers, typically through the utilisation of stolen credentials; often through phishing scams.
-Human Resources sector is more secure than ever. In previous years, the number of attacks targeting HR personnel was on the rise, as they provided a way in to the organisation in question and were more likely to fall victim of phishing scams. In this edition of the report, however, the authors noted there was a six-fold decrease in the number of human resource personnel impacted in just a one-year period.
Less phish are biting, according to the study. “Click-through rates on phishing simulations for data partners fell from 24% to just 3% during the past seven years,” the authors noted. However, they also made note of the fact that 18% of the subjects that clicked on test phishing links did so on mobile devices. According to research purported by the authors, mobile users are more susceptible to phishing, probably because of their user interfaces.
Best Practices to Prevent Breaches
The following is extracted from the report, which you can access here
Keep it clean
Many breaches are the result of poor security hygiene and a lack of attention to detail. Clean up human error where possible, then establish an asset and security baseline around internet-facing assets like web servers and cloud services.
Web application compromises now include code that can capture data entered into web forms. Consider adding file integrity monitoring on payment sites, in addition to patching operating systems and coding payment applications.
Redouble your efforts
Two-factor-authentication for everything. Use strong authentication on customer-facing applications, any remote access and cloud-based email. There are examples of 2FA vulnerabilities, but they don’t excuse lack of implementation.
Track insider behaviour by monitoring and logging access to sensitive data. Make it clear to staff just how good you are at recognizing fraudulent transactions.
Distributed denial of service (DDoS0 protection is an essential control for many industries. Guard against non malicious interruptions with continuous monitoring and capacity planning for traffic spikes.
Stay Socially Aware
Social attacks are effective ways to capture credentials. Monitor email for links and executables. Give your teams ways to report potential phishing or pretexting.