• 93% were avoidable lapses
The world recorded over 160,000 security breaches, data thefts, disruptions of business operations and other cyber incidents in 2017. These were among the findings of the 10th annual cyber incident and breach trends report of the Online Trust Alliance (OTA), now part of the Internet Society, which was released at the weekend. OTA, which helps to educate businesses, policymakers and stakeholders while advancing best practices and tools to enhance the protection of users’ security, privacy and identity, said the count of cyber incidents comes from analysing data collected from a number of security vendors and the Federal Bureau of Investigation. The report noted that these are reported incidents only. “Since most incidents are not reported to executives, law enforcement, regulators or the public, the actual number of harmful incidents could easily exceed 350,000,” it added.
According to the authors, the number of reported incidents was almost twice that of 2016: “this increase is primarily due to the significant growth in ransomware infections during 2017.”
As in previous years, OTA analysed reported breaches through Q3 2017 and found that 93 per cent were avoidable, consistent with previous years’ findings. Of the reported breaches, 52 per cent were the result of actual hacks, while 11 per cent were due to a lack of internal controls, resulting in accidental or malicious events by employees, the report said.
“Regular patching has always been a best practice, and neglecting it is a known cause of most breaches, but this category received special attention this year in light of the Equifax breach. The vast majority of other types of attacks – ransomware and BEC (business email compromise) – are initiated by deceptive or malicious emails. Analysis reveals that these, too, are avoidable, by blocking fake messages, and training users to recognise spearphishing attacks.
“In addition to better processing of email, there are several other steps that can prevent or limit the impact of ransomware, which include updated system and security software, as well as regular data backups.
“Since BEC attacks rely almost entirely on social deception and rarely include any malicious links or attachments, better processing of email can generally stop these attacks in their tracks. Unfortunately, the day-to-day urgency of business often prevents organisations from appropriately defending against these email-based attacks.”
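The report’s “blocking fake messages” depends on the domain owner actually publishing a blocking policy: a DMARC record with p=none only requests reports and leaves spoofed mail deliverable. The following is an added example (not code from OTA or the report) that parses DMARC TXT records and classifies how much protection each gives; the records and example.* domains are constructed for illustration, not fetched from DNS.

```python
"""Added example: does a DMARC record actually tell receivers to block spoofed mail?
The records below are constructed for illustration, not real domains' records."""

# A domain publishes its DMARC policy as a TXT record at _dmarc.<domain>
# (RFC 7489). Receivers only reject or quarantine spoofed mail if the
# record asks them to; "p=none" merely requests aggregate reports.
# Constructed sample records (assumption: example.* placeholders, not real data):
SAMPLE_RECORDS = {
    "example.com": "v=DMARC1; p=reject; rua=mailto:dmarc@example.com",
    "example.net": "v=DMARC1; p=none; rua=mailto:reports@example.net",
    "example.org": "v=DMARC1; p=quarantine; pct=10",
    "example.edu": "",  # no record published at all
}


def parse_dmarc(record: str) -> dict:
    """Split a DMARC record into lower-cased tag -> value pairs."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def dmarc_verdict(record: str) -> str:
    """Classify how much protection the record gives against exact-domain spoofing.

    Returns one of: "missing", "monitor-only", "partial", "quarantine", "reject".
    """
    tags = parse_dmarc(record)
    if tags.get("v", "").upper() != "DMARC1" or "p" not in tags:
        return "missing"            # no usable policy: receivers apply none
    policy = tags["p"].lower()
    if policy == "none":
        return "monitor-only"       # reports flow, but spoofed mail is still delivered
    if policy not in ("quarantine", "reject"):
        return "missing"            # unknown policy value is ignored by receivers
    try:
        pct = int(tags.get("pct", "100"))
    except ValueError:
        pct = 100                   # treat a malformed pct as the default of 100
    if pct < 100:
        return "partial"            # only pct% of failing mail gets the policy applied
    return policy


def report(records: dict) -> dict:
    """Map each domain to its verdict, for a quick audit of owned domains."""
    return {domain: dmarc_verdict(rec) for domain, rec in records.items()}


if __name__ == "__main__":
    for domain, verdict in report(SAMPLE_RECORDS).items():
        print(f"{domain:12s} {verdict}")
```

In practice the record is fetched with a DNS TXT lookup of _dmarc.<domain>; the check is only meaningful alongside correct SPF and DKIM, since DMARC decides what receivers do when those fail. A pct below 100 is a rollout aid and should not be left in place.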
Interestingly, the report takes no side on whether organisations should pay a ransom to retrieve data. Some may have to pay in certain circumstances, it says, so it recommends organisations set up a bitcoin wallet just in case.
Because organisations are shifting more workloads to the cloud, and many breaches involved cloud providers, the report urges them to follow best practices such as auditing a provider’s procedures. Keeping in mind the many breaches of Amazon S3 storage buckets, it calls for “increased vigilance and understanding of all aspects of cloud-based services to properly secure data stored there”.
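The S3 exposures the report refers to come down to two documents a bucket owner controls: the bucket ACL and the bucket policy. The following is an added example (not code from OTA or the report) that flags the public grants in both; the ACL and policy are constructed inline in the shape boto3’s get_bucket_acl() and get_bucket_policy() return, and the bucket name, account ID and role name are placeholders, so it runs offline without AWS calls.

```python
"""Added example: flag an S3 bucket whose ACL or bucket policy exposes it
publicly. The ACL and policy documents are constructed inline in the shape
that boto3's get_bucket_acl()/get_bucket_policy() return (assumption: no
AWS calls are made here; names and IDs are placeholders)."""
import json

# Well-known S3 grantee groups that make an ACL grant public.
PUBLIC_ACL_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "anyone on the internet",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "any AWS account",
}

# Constructed sample: a bucket readable by the world both via ACL and via policy.
SAMPLE_ACL = {
    "Owner": {"ID": "owner-id"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id"}, "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
         "Permission": "READ"},
    ],
}
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::123456789012:role/app"},
         "Action": ["s3:PutObject"], "Resource": "arn:aws:s3:::example-bucket/*"},
    ],
})
# Constructed sample: owner-only ACL and no bucket policy.
PRIVATE_ACL = {"Owner": {"ID": "owner-id"},
               "Grants": [{"Grantee": {"Type": "CanonicalUser", "ID": "owner-id"},
                           "Permission": "FULL_CONTROL"}]}


def _as_list(value):
    """IAM policy fields may be a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def acl_findings(acl: dict) -> list:
    """Grants to the AllUsers / AuthenticatedUsers groups are public by definition."""
    findings = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") == "Group" and grantee.get("URI") in PUBLIC_ACL_GROUPS:
            findings.append(f"ACL grants {grant['Permission']} to "
                            f"{PUBLIC_ACL_GROUPS[grantee['URI']]}")
    return findings


def _principal_is_public(principal) -> bool:
    """Principal "*" or {"AWS": "*"} means every caller, anonymous ones included."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False


def policy_findings(policy_json: str) -> list:
    """Allow statements with a wildcard principal expose the resource to everyone,
    unless a Condition narrows them (flagged for manual review, not assumed safe)."""
    findings = []
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not _principal_is_public(stmt.get("Principal")):
            continue
        actions = ", ".join(_as_list(stmt.get("Action", [])))
        resources = ", ".join(_as_list(stmt.get("Resource", [])))
        if stmt.get("Condition"):
            findings.append(f"policy allows {actions} on {resources} to everyone, "
                            f"conditioned on {sorted(stmt['Condition'])}: review")
        else:
            findings.append(f"policy allows {actions} on {resources} to everyone")
    return findings


def assess_bucket(acl: dict, policy_json) -> list:
    """Combined public-exposure findings for one bucket (empty list means none found)."""
    return acl_findings(acl) + (policy_findings(policy_json) if policy_json else [])


if __name__ == "__main__":
    for line in assess_bucket(SAMPLE_ACL, SAMPLE_POLICY) or ["no public exposure found"]:
        print(line)
```

Object-level ACLs can expose individual keys even when the bucket documents are clean, so an audit should also sample objects; a conditioned wildcard statement is deliberately reported for review rather than treated as safe, because whether the condition (for example a source VPC endpoint) is actually restrictive depends on values this check cannot see.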
As for preventing corporately owned internet of things (IoT) devices from being leveraged for distributing malware or launching denial of service attacks, the report said firms should thoroughly vet IoT products for security, put them on a separate network and monitor the use of “non-IT” devices such as smart TVs.