2016 was the year with the biggest hack attacks ever. Actually, each following year always sees a huge rise in cyber attacks. Here are the biggest for 2016.
Ransomware is one of the biggest cyber threats for enterprises in 2016. Quite a few companies fell victims to this rising tactic among hackers. The data is compiled by ComputerWorld. It comes from several sources including cybersecurity companies like Trend Micro, Bitdefender, Symantec, Kaspersky Lab and even IBM and others.
It paints quite a detailed picture about the threat that is ransomware. “We’ve begun noticing that ransomware has been focusing on small and medium businesses for the past year, as they’re more likely to pay larger ransomware fees than the average user,” said Liviu Arsene, a senior e-threat analyst at antivirus firm Bitdefender.
Ransomware is bigger than you might think
IBM also made a survey among 600 business leaders in the US. It found that one in two had experienced a ransomware attack in the workplace. It also concludes that 70% of the companies paid to get their data back. The total payout? Nearly $1 billion, just for 2016. And that’s just the payouts for the hackers, the indirect costs and losses for the victims are even higher. Most companies simply don’t report it, so it’s hard to have a more realistic picture.
This high percentage of paying companies is a key figure why ransomware becomes so popular among hackers. Plus, it’s relatively easy to deploy. In 40% of the cases, the ransomware reaches the targets via email.
Afterwards, a series of mistakes by to companies lead to the success for the hackers. First, a lot of companies still haven’t held proper or even basic IT security trainings for their employees. The people should know the basics of spam, social engineering, fake email senders, antivirus software and so on. Plus, companies don’t really have mandatory IT security guidelines. This increases the risk of ransomware and other viruses to sneak into the internal network.
Next, organizations should have a full response plan what to do if disaster strikes. They should also have complete regular backups of their data and hold regular integrity checks of those backups. Also, they have to carry tests of the data restoration so they know what to do. In short, companies should be fully ready and trained to act, instead of figuring it out when it happens.
Also note, Symantec reports that some hackers try to first identify the backups and either delete them or corrupt them in some form before or when they deploy the ransomware. “We do expect that with ransomware ‘going corporate’ we will see more vulnerability-based infections within networks. In essence, every server that has vulnerabilities that may lead to phishing, defacing or persistent code injection, could lead to ransomware spreading,” said Barry Shteiman, director of threat research at Exabeam.
Traditional attacks are getting more sophisticated, too
It’s not just ransomware, though. Online frauds, advances phishing scams also target enterprises and their employees. Some attackers mimic entire website login pages in great detail, trying to steal user credentials. Sometimes the login page clones are so good, they actually redirect you to the original page. They can even log the user in and they remain oblivious to the fact their data got copied.
Then there’s the classic Distributed Denial of Service (DDoS) attacks. A report from Neustar shows that in 2016 DDoS attacks increased with a whopping 40% when compared with 2016. And these DDoS attacks are getting more sophisticated. In 52% of the cases they were Multi-vector, combining different vectors to confuse the targets.
Multi-vector Attacks increased 322% while DNS-based attacks jumped 648% with DNSSEC amplification the main choice for hackers. IoT Botnets are also now a thing. They are still small, but show quite a lot of promise for a quick and easy takeover of thousands of Internet connected devices with little to no security. “Mirai signals a watershed moment for DDoS attacks, where the bad guys finally turned the Internet back on its users,” said Rodney Joffe, SVP and Fellow, Neustar. “It is imperative to invest in effective DDoS protection now because the threat landscape has fundamentally changed.
So, there you have it. The Internet is not safe and it’s a bad business practice to thing the opposite, to say the least. You shouldn’t underestimate this and improve your IT security in 2017, both technically and by improving the skills of your employees.