International. Approximately two million cyberattacks in 2018 resulted in more than $45 billion in losses worldwide as local governments struggled to deal with ransomware and other malicious incidents.
The Internet Society's Online Trust Alliance (OTA), which identifies and promotes security and privacy best practices that foster consumer trust in the Internet, released its Cyber Incident and Cyberattack Trends Report, which found that the financial impact of ransomware increased by 60%, business email engagement (BEC) losses doubled, and cryptojacking incidents tripled, despite the fact that overall breaches and exposed records declined in 2018.
In the report, OTA observed a sharp increase in cyber incidents, such as supply chain attacks, business email compromise (BEC), and cryptojacking. Some types of attacks, such as ransomware, are not new but remain lucrative for criminals. Others, such as cryptojacking, show that criminals are shifting their focus towards new targets. Some of the report's main trends include:
Rise of cryptocurrencies breeds new cybercriminals
Along with the increase in the prevalence of cryptocurrency, comes the rise of cryptojacking, which tripled in 2018. This is a specific type of attack aimed at hijacking devices to harness the power of computers at scale to effectively exploit cryptocurrency. OTA believes these incidents are increasingly attractive to criminals as they represent a direct path from infiltration to entry and are difficult to detect.
Misleading email
Although known as an attack vector, Business Email Compromise (BEC) doubled in 2018, resulting in $1.3 billion in losses, as employees were tricked into sending funds or gift cards to attackers who use email to impersonate salespeople or executives. Many companies are reacting by clearly labeling all emails that originate outside the organization's network.
Attacks through third parties
Supply chain attacks, in which attackers infiltrate through third-party website content, vendor software, or third-party credentials, were not new in 2018 (similar attacks include Target in 2013, CCleaner, and Not Petya in 2017), but they continue to proliferate and transform. The most notable attack of 2018 was Magecart, which infected payment forms on more than 6,400 e-commerce sites worldwide. The OTA report compiled outside sources that estimated a 78% increase in these types of attacks in 2018, with two-thirds of organizations experiencing an attack at an average cost of $1.1 million and estimates that half of all cyberattacks involve the supply chain.
Governments under attack
While the total number of ransomware attacks decreased in 2018, the OTA report noted a troubling increase in reported ransomware attacks against state and local governments in 2018 and early 2019. The baltimore and atlanta city breaches led to the disruption of many government services and the rebuilding of entire network structures. Local governments are particularly vulnerable as they often rely on outdated technology and run older software and operating systems.
Cloud issues
Although it's also not new, 2018 brought a number of sensitive data that were left open to the internet due to misconfigured cloud services. Given the number of companies that rely on companies like Amazon, Google, and Microsoft for some or all of their cloud needs, it's increasingly important to ensure that cloud storage is secure. The report noted that a common problem with cloud computing is not even a true "attack," but a user error. The correct configuration of data storage is the responsibility of the data owner, not the cloud service and is often done incorrectly.
Increase credential stuffing
OTA found an increase in credential stuffing in 2018, a type of attack that recently gained prominence. Since there are now more than 2.2 billion breached credentials at stake and users often boast identical logins across services, attackers are leveraging ultra-fast computers and known username/password pairs or commonly used passwords to gain direct access to accounts across a wide range of industries. Several high-profile attacks occurred in 2018, and while many were initially believed to be breaches, they turned out to be brute-force credential attacks.
Most violations are avoidable
As in previous years, OTA found that most violations could have been easily avoided. He calculated that in 2018, 95 percent of all breaches could have been avoided through simple, common-sense approaches to improving security. The report provides a checklist.
