“Traveling through hyperspace ain’t like dusting crops, farm boy.” – Han Solo in Star Wars – A New Hope
Protecting against cyber attacks isn’t so easy either, so it seems. In 2017, ransomware damage costs alone surpassed $5 billion, and damage caused by cyber attacks overall is projected to hit $6 trillion per year by 2021. According to Gartner, spending on information security reached over $86 billion in 2017 and is estimated to reach $93 billion in 2018. Healthcare, financial, and government organizations are top targets for cybercriminals. Bruce Carnegie-Brown, chairman of Lloyds, sums it up when he said in an interview in June 2018 that cyber crime “is probably the fastest developing risk globally.”
“It’s a trap!” – Admiral Ackbar in Return of the Jedi
Many cyber attacks are indeed designed to trap unsuspecting users. Many attack vectors successfully target the weakest link in the security chain – the human element. Whether it’s tricking a user to provide credentials or ransomware, every organization should know what cyber attacks are most impactful today and what to do about it.
Take a sneak peek at four attacks from our list:
A phishing attack targets people through email where the perpetrator attempts to elicit fear, curiosity, or a sense of urgency to coerce the target to open an attachment, click on a link, and otherwise provide sensitive information; in this case, the victim is ‘duped’ into providing this data. According to the DBIR Report (Verizon Data Breach Investigations Report), 30% of phishing messages are opened by the target, and 12% of those users open the malicious attachment or link.
Social engineering includes a broad range of malicious activities that rely on human error rather than vulnerabilities in software and operating systems. Mistakes made by legitimate users or insiders who are otherwise fooled into handing over confidential data are less predictable and are more difficult to detect or prevent than a malware-based intrusion. Attacks are commonly directed towards an individual and take place face-to-face, over the phone, or by email. Surprisingly, 63% of data breaches originate from internal sources.
These attacks occur when someone infiltrates a system through an outside partner or provider with access to the systems and data. The attack surface of an organization changes and is potentially more vulnerable if the partner’s security posture is weak. According to a survey conducted in 2017 by the Ponemon Institute, 56 percent of organizations have had a breach that was caused by one of their vendors.
Of the 10 types of crimeware cited in the Verizon DBIR report, the overwhelming attack vector is ransomware. Usually, this is carried out by the attacker sending an email with an attachment or web link. Designed to appear authentic, the recipient opens the attachment or link. This results in the victim’s data being encrypted or otherwise inaccessible and can only be decrypted by paying a ransom to the attacker. Ransomware comprises close to half of the crimeware incidents and is the most significant malware threat today.
“Use the force, Luke.” – Obi-Wan Kenobi in Star Wars – A New Hope
Although we can’t use ‘the force’ against cyber attacks, it is critically important to take measures to stay safe. As attacks evolve and become more sophisticated, organizations need to counteract these attacks with sophisticated and advanced threat prevention solutions. In addition to the four attacks mentioned above, the ebook dives into six other attack vectors every organization should be aware of.
Organizations that are top targets (healthcare, finance, and government) are especially urged to invest in cybersecurity. Experts predict ransomware attacks against healthcare will quadruple by 2020. Statistics such as this highlight the exponential increase in attacks as well as sophistication requires an equally dynamic solution.
MDR (managed detection and response) services should be a top priority in protecting businesses against cyber attacks. MDR solutions provide organizations with experienced security experts and security solutions based on the latest threat landscape, and can continuously adapt to protect your organization from serious losses.
“Page turners, they were not.” – Yoda in Star Wars – The Last Jedi
Yoda may not have thought the Jedi texts were interesting reading, but Cyberint’s eBook on the Top 10 Digital Attack Vectors is full of the latest statistics and details on the most prevalent attacks facing enterprises today. Also included is expert advice on the most effective methods in defending against these threats. Download the eBook today for full details on the top 10 attacks most relevant today.