Canadian Underwriter
News

Cyberespionage and ransomware attacks on the increase, report warns


April 27, 2017   by Canadian Underwriter


Print this page

Cyberespionage is now the most common type of attack seen in the global manufacturing, education and now public sectors, a new report has revealed.

According to the Verizon 2017 Data Breach Investigations Report (DBIR), released on Thursday, ransomware is now the fifth most common specific malware variety. This year’s report has also found a 50% increase in ransomware attacks compared to last year, Verizon said in a press release.

Nearly 2,000 breaches were analyzed in the 2017 report and more than 300 were espionage-related, many of which started as phishing emails, Verizon explained. Now in its tenth year, the report leverages collective data from 65 organizations across the world. The report for 2017 includes analysis on 42,068 incidents and 1,935 breaches from 84 countries.

Major findings include:

  • The top three industries for data breaches are financial services (24%), healthcare (15%) and public sector (12%);
  • Companies in the manufacturing industry are the most common targets for email-based malware;
  • Sixty-eight per cent of healthcare threat actors are internal to the organization;
  • 51% of data breaches analyzed involved malware. Ransomware, which uses technology to extort money from victims – saw a 50% increase from last year’s report, and a “huge jump” from the 2014 DBIR, where it ranked 22 in the types of malware used;
  • Last year, Verizon flagged the growing use of phishing techniques linked to software installation on a user’s device. In this year’s report, 95% of phishing attacks followed this process. Forty-three per cent of data breaches utilized phishing, and the method is used in both cyberespionage and financially motivated attacks;
  • Pretexting, where an individual lies to gain privileged information, is another tactic on the increase, and the 2017 DBIR showed that it is predominantly targeted at financial department employees – the ones who hold the keys to money transfers. Email was the top communication vector, accounting for 88% of financial pretexting incidents, with phone communications in second place with just under 10%; and
  • Sixty-one per cent of victims analyzed were businesses with fewer than 1,000 employees.

“Cyberattacks targeting the human factor are still a major issue,” said Bryan Sartin, executive director of global security services with Verizon Enterprise Solutions. “Cybercriminals concentrate on four key drivers of human behavior to encourage individuals to disclose information: eagerness, distraction, curiosity and uncertainty. And as our report shows, it is working, with a significant increase in both phishing and pretexting this year.”

But despite the increase and the related media coverage surrounding the use of ransomware, many organizations still rely on out-of-date security solutions and aren’t investing in security precautions, the release said. In essence, they’re opting to pay a ransom demand rather than to invest in security services that could mitigate against a cyberattack. “Often, even a basic defence will deter cybercriminals who will move on to look for an easier target,” Sartin said.