Cybersecurity stats show 2017 as another “worst year ever” for cyberattacks. There were several large breaches in personal data, including Equifax’s security breach that exposed nearly 145 million people. According to the Online Trust Alliance, there was even a 90% rise in business targeted ransomware.
But how has 2018 compared so far? Cybersecurity stats for 2018 show several significant trends. Politically-charged cyberattacks and ransomware have been on the rise. As a matter of fact, the number of large cyberattacks in general has risen significantly.
In 2016 there were 16 significant cyberattacks between January and April. In 2017, there were 15 over the same period. For 2018? There 27 noteworthy cyberattacks from January to April. Approximately 23 of those attacks were politically-motivated.
Let’s break down these 2018 cybersecurity stats, and take a look at how cybersecurity trends may impact your business.
2018 cybersecurity stats are greatly influenced by several major events.
In July 2018, the United States is still dealing with Russian influence on the 2016 presidential election. North Korean hacking groups have managed to edge their way onto center stage as they attack industries in Japan, Vietnam, and the Middle East. Europe has not escaped the notice of cyber attackers. In April, the Chief of Germany’s domestic intelligences services accused Russia of attacking their government’s computer networks in December 2017.
The political turmoil caused by cyberattacks has become so bad that Alphabet, Google’s parent company, has announced a new cybersecurity solution through their company, Jigsaw. Jigsaw’s “Protect Your Election Initiative” recently launched Project Shield, a form of protection again distributed denial of service (DDOS) attacks.
Jigsaw has been offering Project Shield free to journalists and human rights workers. But now the service will extend to cover political campaigns and websites as well. Project Shield works off of Google’s infrastructure to protect free speech across newspapers and other channels.
While Project Shield is an amazing product in its own right, it is part of a larger trend. After the turmoil caused by the Russian interference in the 2016 election, the world has taken notice of the effects of political cybercrime. Voters will no longer trust just any source and initiatives like Protect Your Election are becoming necessary.
Distributed denial of service attacks are a large cybersecurity risk. These types of attacks immobilize websites by overwhelming them with traffic.
In the first quarter of 2018, distributed denial of service attacks occurred in 79 countries. Even though the fourth quarter of 2017 had slightly more attacks than 2018’s first quarter, don’t get your hopes up that this type of cybercrime will be going away in 2018. As a matter of fact, more than 2000 DDoS attacks occur daily worldwide.
Why are these types of attacks so popular? Three reasons: they’re cheap, easy to implement, and can make the implementers a lot of money. DDoS can be used as a for-hire service where users pay the company for cyberattacks on the dark web.
In April 2018, European law enforcement took down webstresser.org, a website that helped launch up to 6 million DDoS attacks for as many as 136,000 registered users. The four administrators of the site were arrested separately in the United Kingdom, Canada, Croatia, and Serbia. The infrastructure for the site was seized in Germany.
Webstresser.org targeted banks, government institutions, police forces, schools and the gaming industry in a method that generated easy money for its administrators. One Europol investigator called the service “the most professional I’ve seen.”
The large volume of customers and professional implementation of webstresser.org is a great example of why DDoS will still stick around in 2018. These cyberattacks garner their administrators money through for-hire services or extortion and are easy to implement. Because of these factors DDoS is a favored method of attack.
Ransomware works by essentially holding your data hostage. Once downloaded, the malware works to encrypt data until a payment, usually in some form of cryptocurrency, is made.
Originally, desktops were the main target of ransomware, but ransomware attackers are becoming bolder as they move to target business-critical databases. The reason? Businesses will pay more money to release the data.
Ransomware made headlines twice in March after attacks were made along the East Coast of the United States. In Atlanta, a ransomware attack went after the city’s networks and demanded $55,000 worth of bitcoin in payment. The city eventually spent over $2.6 million in recovery.
Atlanta wasn’t the only city that suffered from an attack. Baltimore was forced to resort to manual dispatching of emergency services after an attack took out their 911 dispatch system. This attack occurred after troubleshooting from a city information technology team, which inadvertently left an open channel to the internet.
The use of ransomware in these two major attacks was no surprise after Verizon reported it as the top variety of malicious software of 2018. Ransomware was found in 39% of malware-related breaches, according to their annual Data Breach Investigations Report released in April.
Ransomware is popular for many of the same reasons as distributed denial of service attacks. It’s low risk and high reward with plenty of opportunities to make money through cryptocurrency.
One of the entry points for this type of malware is through human error. Most ransomware uses email as an entry point, with 96% of attacks coming through inboxes.
While 80% of the population won’t fall for these phishing attacks, a criminal only needs one person to download the link for the malware to latch on. Even more surprisingly, employees who download these links are more likely to click on them again. However, according to Gabe Bassett, senior information security data scientist at Verizon, most of the people who fall for phishing attacks have a job that involves downloading and opening pdfs.
2018 is shaping up to be yet another “worst year ever” for cybercrime. But don’t be too alarmed; as technology moves forward we can expect cybercrime to move forward with it.
As you setup, monitor, and maintain your IT systems, make sure to look out for suspicious emails and keep on top of the trends of ransomware and DDoS. And if you’re interested, follow along with Jigsaw’s Project Shield to see how large infrastructures are working to improve worldwide election security.
If you want to make sure your business is protected from cybercrime, get in touch with us. At Swift System, we offer mission critical IT support at a fixed monthly price. We can offer you reliable IT systems, a dedicated tier-II technician, and total network security. Cyberattacks are frightening, it’s true – but it helps to have IT you can count on.
Be proactive and prepared for the second half of 2018. Contact Swift Systems today.
IT systems are foundational to modern businesses. Too often, that foundation is unsteady. Unpredictable outages, insecure networks, and unreliable performance from mission-critical systems can jeopardize your entire business.
There’s a better way. Learn how.