Cyberattacks show no sign of slowing down this year, according to a Wednesday report from Positive Technologies. Q2 2018 saw a 47% increase in cyberattacks over Q2 2017, with targeted attacks outnumbering mass campaigns as cybercriminals grow more sophisticated. Most cases involved targeted attacks on companies and their clients, as well as cryptocurrency exchanges, the report found.
Data theft is driving an increasing number of attacks, with many criminals seeking personal data (30%), credentials (22%), and payment card information (15%). To steal this data, hackers are compromising online platforms, including e-commerce websites, online ticketing systems, and hotel booking sites, according to the report.
Attackers targeted cryptocurrency platforms twice as often in Q2 2018 as the year before, the report found: In May and June, a number of attacks affected Verge, Monacoin, Bitcoin Gold, ZenCash, Litecoin Cash, and others, with attackers stealing more than $100 million total from these platforms.
SEE: Incident response policy (Tech Pro Research)
“Cyberattacks in Q2 victimized 765 million ordinary users to the tune of tens of millions of dollars,” Leigh-Anne Galloway, cybersecurity resilience lead at Positive Technologies, said in a press release. “Today, you can never be sure that criminals don’t have your credit card number from one source or another. Even when you buy a brand-new smartphone in a store, you can still end up getting pre-installed malware.”
Here are the six most popular cyberattack methods criminals used in Q2 2018, according to the report.
1. Malware (49%)
Cybercriminals continue to steal data from victims’ computers, most commonly using spyware (26%) or remote administration malware (22%) to do so, the report found. The most common malware infection methods in Q2 2018 were compromising servers and workstations by accessing a targeted system using vulnerabilities, social engineering, or bruteforced passwords (29%), planting malicious software on victims’ devices via infected websites (29%), and sending malicious attachments or links by email (23%).
2. Social engineering (25%)
Cybercriminals continue to innovate in the social engineering space, developing new methods to manipulate users into believing a message, link, or attachment is from a trusted source, and then infecting targeted systems with malware, stealing money, or accessing confidential information, the report found.
3. Hacking (21%)
Hacking–exploiting vulnerabilities in software and hardware–is often the first step in an attack, the report stated. Hackers currently cause the most damage to governments, banks, and cryptocurrency platforms.
4. Credential compromise (19%)
While enterprise users increasingly look to password managers for storing and keeping track of passwords, these managers can also be vulnerable to attack, the report noted.
5. Web attacks (18%)
Cybercriminals can extort website operators for profit, sometimes by threatening to steal client databases or shut down the website.
6. DDoS (5%)
DDoS tends to be the weapon of choice for business rivals, disgruntled clients, and hacktivists, according to the report. These attacks typically hit government institutions, and political events are a major driver. However, criminals also perform DDoS attacks for profit, taking websites offline and demanding payment from the victims to stop the attack.
While these are real threats to a business, companies can take several steps to keep their data safe, including centralizing update management, placing antivirus protection on all systems and endpoints, and implementing SIEM capabilities, the report recommended. Businesses should also encrypt all sensitive information, perform regular backups, minimize the privileges of users and services as much as possible, and use two-factor authentication. Enforcing a password policy with strict length and complexity requirements, and requiring password changes every 90 days, can also help protect your systems.
The big takeaways for tech leaders:
- Q2 2018 saw 47% more cybersecurity incidents than Q2 2017. — Positive Technologies, 2018
- The most common types of cyberattacks are malware, social engineering, hacking, credential compromise, web attacks, and DDoS attacks. — Positive Technologies, 2018