Symantec’s 2019 Internet Security Threat Report takes a deep dive into insights from the world’s largest civilian global intelligence network, revealing:
- Formjacking attacks skyrocketed, with an average of 4,800 websites compromised each month.
- Ransomware shifted targets from consumers to enterprises, where infections rose 12 percent.
- More than 70 million records stolen from poorly configured S3 buckets, a casualty of rapid cloud adoption.
- Supply chains remained a soft target with attacks ballooning by 78 percent.
Our exhaustive research is informed by 123 million sensors recording thousands of threat events every second from 157 countries and territories. Use this unparalleled intelligence to your advantage by downloading the Symantec 2019 Internet Security Threat Report.
- “Smart Speaker, get me a cyber attack” — IoT was a key entry point for targeted attacks; most IoT devices are vulnerable.
Executive Summary
Formjacking. Targeted attacks. Living off the land. Coming for your business.
Like flies to honey, miscreants swarm to the latest exploits that
promise quick bucks with minimal effort. Ransomware and
cryptojacking had their day; now it’s formjacking’s turn.
In the Symantec Internet Security Threat Report, Volume 24,
we share the latest insights into global threat activity, cyber
criminal trends, and attacker motivations.
The report analyzes data from Symantec’s Global Intelligence
Network, the largest civilian threat intelligence network in the
world, which records events from 123 million attack sensors
worldwide, blocks 142 million threats daily, and monitors threat
activities in more than 157 countries.
Cyber criminals get rich quick with formjacking
Formjacking attacks are simple and lucrative: cyber criminals
load malicious code onto retailers’ websites to steal shoppers’
credit card details, with 4,800+ unique websites compromised
on average every month.
Both well-known (Ticketmaster and British Airways) and smallmedium businesses were attacked, conservatively yielding tens
of millions of dollars to bad actors last year.
All it takes is 10 stolen credit cards per compromised website to
result in a yield of up to $2.2M per month, as each card fetches
up to $45 in underground selling forums. With more than
380,000 credit cards stolen, the British Airways attack alone
may have netted criminals more than $17 million.
Ransomware - Cryptojacking
Down, but not out Ransomware and cryptojacking were go-to moneymakers for cyber criminals. But 2018 brought diminishing returns, resulting in lower activity.
For the first time since 2013, ransomware declined, down 20 percent overall, but up 12 percent for enterprises.
With a 90 percent plunge in the value of cryptocurrencies, cryptojacking fell 52 percent in 2018. Still, cryptojacking remains popular due to a low barrier of entry and minimal overhead; Symantec blocked four times as many cryptojacking attacks in 2018 compared to the previous year.
Targeted attackers have an appetite for destruction
Supply chain and Living-off-the-Land (LotL) attacks are now a cyber crime mainstay: supply chain attacks ballooned by 78 percent in 2018.
Living-off-the-land techniques allow attackers to hide inside legitimate processes. For example, the use of malicious PowerShell scripts increased by 1,000 percent last year.
Symantec blocks 115,000 malicious PowerShell scripts each month, but this number accounts for less than one percent of overall PowerShell usage. A sledgehammer approach toward blocking all PowerShell activity would disrupt business, further illustrating why LotL techniques have become the preferred tactic for many targeted attack groups, allowing them to fly under the radar.
No hay comentarios:
Publicar un comentario