It’s not a happy prospect to dig into the myriad ways cybercriminals are threatening enterprise organizations and major infrastructure systems. But there is plenty to learn and apply toward ongoing cybersecurity efforts, and SparkCognition’s research for a new infographic looks at some of the most important trends and things to know about the current state of cybercrime.
Among its findings:
- New ransomware attacks are estimated to originate every 11 seconds*
- In 2021 cybercriminals caused more than $16B every day in damages
- By 2025 there will be an estimated $10.5T in cybercrime losses*
*according to Cybersecurity Ventures
Take a look at the complete cybersecurity infographic here.
Attackers increase their precision, skills
More useful info comes from a recent study from Verizon that highlights the kinds of threats we’re facing, how cybercriminals gain access to critical systems and operation assets, and what types of data are most likely to be accessed in those incidents.
Verizon’s 2022 Data Breach Investigation Report is the 15th annual report by the company on the dynamics of cybercrime, which allows for valuable comparisons and trend analysis through the years.
It found that external threats are more than 3X as prevalent as internal threats in executing a data breach, though outside business partners with a relationship to the victim organization were involved in 39% of the breaches that were analyzed.
Internal and partner-involved attacks were found to have a much larger impact, however, when the number of compromised files was taken into account. Attacks generated internally were found to have a median file count impact of 375,000, compared to 187,500 for partner-involved attacks and a mere 30,000 files for attacks that came from purely external actors. The most recent overall median file impact size was 80,000, representing a nearly 80% drop since Verizon began doing its analyses in 2008. The report notes that change is likely due in part to attackers becoming more precise in knowing how to monetize data and only targeting the files with the most value.
In looking at the most productive entry points for attacks, Verizon found that hacking of web applications was by far the most popular choice (70%) with email, partner resources, and software updates each accounting for about 10% of the more than 18,000 incidents it reviewed.
Servers were the most vulnerable assets in recent attacks, with roughly 90% involvement, with people and user devices pulling up far behind at around 20% each. When the specific kinds of servers involved were taken into account, web application servers figured into more than 50% of attacks, while mail servers (about 30%) and desktop or laptop computers (20%) came in second and third.
More data means more opportunities
In a recent article for CPO Magazine, SparkCognition’s vice president of software engineering Jarred Capellman gave an overview of the pervasiveness of cyberattacks and how those behind the malware are trying to exploit an attack surface that is growing larger every year.
With enterprise technology infrastructure greatly expanded to adapt to the remote work demands of the pandemic, the amount of data and interconnectivity has grown to a point that total internet traffic is expected to reach 4.8 zettabytes in 2022. That represents a year-over-year traffic increase of 50%, which goes in tandem with the 151% increase in global attack volume in 2021 according to a report from the World Economic Forum’s Centre for Cybersecurity.
With developments such as polymorphic, self-mutating malware that can make deployments by for-hire attack shops more effective and costly for victim companies, Capellman warns that experiencing an attack and possible breach is a “when, not if” certainty. The only remedy, he said, is for companies and organizations to take robust protection steps to counter outside threats.
On his list of essential actions:
- Make cyber resilience a priority and spend accordingly to enact proper protection.
- Educate employees on phishing and other common tactics used by cybercriminals.
- Combine physical security with cybersecurity to make sure both receive the needed resources.
- Perform regular security audits to identify weak points and overlooked issues with security protocols.
- Adopt AI-powered cybersecurity solutions that offer real-time monitoring and threat detection.
For organizations in search of ways to overcome the rapidly increasing threat of cybercrime, SparkCognition’s EPP product provides trusted protection of IT and OT assets, with the ability to counter zero-day attacks and other threats. In a small footprint that doesn’t require large data resources, EPP greatly reduces the risk of breaches and removes the human element of overworked IT and security teams that can create weaknesses in the systems they are responsible for protecting. Learn more about SparkCognition EPP.