Cyber attacks show no signs of slowing down this year, according to a report. The second quarter of 2018 experienced a 47% increase in cyber attacks during the second quarter of 2017, with targeted attacks outnumbering mass campaigns as cyber criminals become more sophisticated. The report found that most of the cases involved targeted attacks on companies and their customers, as well as cryptocurrency exchanges.
Data theft is causing an increasing number of attacks, and many criminals search for personal data (30%), credentials (22%), and payment card information (15%). To steal this information, hackers are compromising online platforms, including e-commerce websites, online ticketing systems, and hotel reservation sites, according to the report.
Criminals attacked cryptocurrency platforms twice as often in the second quarter of 2018 than the previous year, according to the report: in May and June, various attacks affected Verge, Monacoin, Bitcoin Gold, ZenCash, Litecoin Cash, and others, with attackers who stole over $ 100 Million in total from these platforms.
“Cyber attacks in the second quarter victimized 765 million ordinary users to the tune of tens of millions of dollars,” the study authors said in a press release. “Today, you can never be sure that criminals don’t have your credit card number from one source or another. Even when you buy a new smartphone from a store, you can end up getting pre-installed malware.”
These are the six most popular computer crime methods used in the second quarter of 2018, according to the report.
1. Malware (49%)
Cyber criminals continue to steal data from victims’ computers, usually with spyware (26%) or remotely administered malware (22%). The most common malware infection methods in the second quarter of 2018 were compromising servers and workstations by accessing a specific system using vulnerabilities, social engineering, or forced passwords with brute force (29%), planting malicious software in Victims’ devices via infected websites (29%) and sending malicious attachments or links via email (23%).
2. Social engineering (25%)
Cybercriminals continue to innovate in the social engineering space, developing new methods to manipulate users into believing that a message, link, or attachment comes from a trusted source, and then infect specific systems with malware, steal money, or access information confidential, according to the report.
3. Hacking (21%)
Hacking, which exploits vulnerabilities in software and hardware, is often the first step in an attack, according to the report. Hackers currently cause the most damage to governments, banks, and cryptocurrency platforms.
4. Credential commitment (19%)
While business users are increasingly looking for password managers to store and track passwords, these managers may also be vulnerable to attacks, the report noted.
5. Web attacks (18%)
Cybercriminals can extort profit-making website operators, sometimes threatening to steal customer databases or shut down the website.
6. DDoS (5%)
DDoS tends to be the weapon of choice for business rivals, disgruntled customers and hacktivists, according to the report. These attacks often affect government institutions, and political events are an important factor. However, criminals also carry out for-profit DDoS attacks, shut down websites, and demand payment from victims to stop the attack.
While these are real threats to a business, companies can take several steps to keep their data safe, including centralizing update management, putting antivirus protection on all endpoints and systems, and implementing SIEM capabilities. , recommended the report. Businesses should also encrypt all confidential information, perform regular backups, minimize user and service privileges as much as possible, and use two-factor authentication. Enforcing a password policy with stringent length and complexity requirements, and requiring password changes every 90 days, can also help protect your systems.
To ensure business success, now and in the future, it is essential to maximize the return on existing software investment, while innovating and adopting new technologies. Challenges to be addressed to compete in a Hybrid IT world include DevOps, Security, Risk Management and Predictive Analytics. You can learn more about how to tackle these challenges and innovate at this link.