Cybercriminals learning how to monetize millions of incidents, yet report finds 95 percent could have been avoided

SINGAPORE - MediaOutReach - July 10,2019 - The Internet Society's Online Trust Alliance (OTA), which identifies and promotes security andprivacy best practices that build consumer confidence in the Internet,today released its Cyber Incident & Breach TrendsReport. The report found the financial impact of ransomware rose by60%, losses from business email compromise (BEC) doubled, and cryptojackingincidents more than tripled, all despite the fact that overall breaches andexposed records were down in 2018. The data shows that cybercriminals aregetting better at monetizing their activities, with OTA estimating the morethan 2 million cyber incidents in 2018 resulted in over $45 billion in losses,with the actual numbers expected to be much higher as many cyber incidents arenever reported.

"While it's tempting to celebrate adecreasing number of breaches overall, the findings of our report are grim,"said Jeff Wilbur, technical director of the Internet Society's Online TrustAlliance. "The financial impact of cybercrime is up significantly and cybercriminals are becoming more skilled at profiting from their attacks. So, whilethere may be fewer data breaches, the number of cyber incidents and theirfinancial impact is far greater than we've seen in the past."

In the report, OTA noted a steep risein cyber incidents like supply chain attacks, Business Email Compromise (BEC)and cryptojacking. Some attack types, such as ransomware, are not new butcontinue to be lucrative for criminals. Others, such as cryptojacking, showthat criminals are shifting their focus to new targets. Some of the top trendsfrom the Cyber Incident & Breach Trends Report are listed below.

-       Rise of Cryptocurrency Breeds New CyberCriminals

In conjunction with the increasing prevalence of cryptocurrencycomes the rise of cryptojacking, which tripled in 2018. This is a specific typeof attack aimed at hijacking devices to harness computer power at scale toefficiently mine cryptocurrency. OTA believes these incidents are increasinglyattractive to criminals as they represent a direct path from infiltration toincome, and are difficult to detect.

-       Deceptive Email

Though well-known as an attack vector, Business Email Compromise(BEC) doubled in 2018, resulting in $1.3 billion in losses as employees weredeceived into sending funds or gift cards to attackers who use email toimpersonate vendors or executives.  Manycompanies are reacting by clearly labeling all emails that originate outsidethe organization's network.

-       Attacks via Third Parties

Supply chain attacks -- wherein attackers infiltrate viathird-party website content, vendors' software or third-parties' credentials --were not new in 2018 (similar past exploits include Target in 2013, CCleanerand Not Petya in 2017), but they continue to proliferate and morph. The mostnotable 2018 attack was Magecart, which infected the payment forms on more than6,400 e-commerce sites worldwide. The OTA report compiled external sources thatestimated a 78% increase in these types of attacks in 2018, with two-thirds oforganizations having experienced an attack at an average cost of $1.1 million, andestimates that half of all cyber attacks involve the supply chain.

-       Governments Under Attack

While thetotal number of ransomware attacks was down in 2018, the OTA report noted atroubling rise in reported ransomware attacks against state and localgovernments in 2018 and early 2019. Breaches targeting the cities of Baltimoreand Atlanta led to the disruption of many government services and therebuilding of entire network structures. Local governments are particularlyvulnerable given that they often rely on outdated technology and are runningold software and operating systems.

-      Issuesin the Cloud

While also not new, 2018 brought a rash of sensitive data beingleft open to the Internet due to misconfigured cloud services. Given the numberof businesses that rely on companies like Amazon, Google, and Microsoft forsome or all of their cloud needs, it is increasingly important to ensure cloudstorage is secure. The report noted that one common problem with cloudcomputing isn't even a true "attack", but user error. Configuring data storagecorrectly is the responsibility of the data's owner, not of the cloud serviceand it's often improperly done.

-       CredentialStuffing Rises
OTA found an increase in credential stuffing in 2018, an attacktype that recently gained prominence. Given that there are now more than 2.2billion breached credentials in play and users often rely on identical loginsacross services, attackers are harnessing ultra-fast computers and knownusername/password pairs or commonly used passwords to gain access directly toaccounts across a wide range of industries. Several high-profile attacksoccurred in 2018, and though many were initially believed to be breaches, theyturned out to be brute-force credential attacks.

Most Breaches Preventable

As in past years, OTA found most breachescould have been easily prevented. It calculated that in 2018, 95 percent of allbreaches could have been avoided through simple and common-senseapproaches to improving security. The report provides achecklist.

"Our report findings indicate thatcybercriminals are using their infiltration ability to focus on new, morelucrative attacks," continued Wilbur. "Staying up-to-date on the latestsecurity safeguards and best practices is crucial to preventing attacks in thefuture."

Methodology

OTA came to its conclusions in the report by tracking andanalyzing threat intelligence data from multiple sources. These sources includedbut are not limited to Risk Based Security, Identity Theft Resource Center,Privacy Rights Clearinghouse, DLA Piper, Symantec, the FBI, and more.

About OTA

The Internet Society's Online Trust Alliance (OTA)identifies and promotes security and privacy best practices that build consumerconfidence in the Internet. Leading public and private organizations, vendors,researchers, and policymakers contribute to and follow OTA's guidance to helpmake online transactions safer and better protect users' data. The Internet Societyis a global nonprofit dedicated to ensuring an open, globally connected,trustworthy, and secure Internet for everyone.