Ransomware, cryptojacking, and business email compromise attacks all ramped up the financial losses due to cyber breaches, according to the Online Trust Alliance.
Despite the number of cybersecurity breaches and exposed records falling in 2018, more than 2 million cyber incidents occurred, resulting in over $45 billion in losses, according to the Internet Society's Online Trust Alliance (OTA) in its Cyber Incident & Breach Trends Report, released Tuesday.
A few types of attacks caused the most financial damage, the report found. The financial impact of ransomware rose by 60%, while losses from business email compromise (BEC) attacks doubled, and cryptojacking attacks more than tripled over the past year.
SEE: Special report: A winning strategy for cybersecurity (free PDF) (TechRepublic)
The actual financial impact of cyberattacks is likely higher than $45 billion, as many incidents go unreported, OTA noted.
OTA tracked and analyzed threat intelligence data from sources including Risk BasedSecurity, Identity Theft Resource Center, Privacy Rights Clearinghouse, DLA Piper,Symantec, and the FBI to build its report.
"While it's tempting to celebrate a decreasing number of breaches overall, the findingsof our report are grim," Jeff Wilbur, technical director of OTA, said in a press release. "The financial impact of cybercrime is up significantly and cyber criminals are becoming more skilled at profiting from their attacks. So, while there may be fewer data breaches, the number of cyber incidents and their financial impact is far greater than we've seen in the past."Ransomware: How healthcare organizations can stay ahead of attacks
This eBook cover the essentials on ransomware attacks facing the healthcare industry — including how they work, why they’re so malicious, and the best way to protect your organization.
Along with ransomware's resurgence in financial impact and the rise of cryptojacking, attacks via third parties also became more prevalent in 2018, OTA found. The most notable such attack was Magecart, which infected the payment forms on more than 6,400 e-commerce sites worldwide.
AOC 'SQUAD' HOLDS PRESS CONFERENCE CALLING TRUMP 'OCCUPANT' OF WHITE HOUSE@FOX NEWS
Misconfigured cloud services left sensitive data out in the open in 2018, and credential stuffing attacks also become more popular, the report noted.
Perhaps most disheartening fact is that the vast majority of breaches in 2018—95%, by OTA's estimates—could have been avoided through simple approaches to improving security.
OTA provided the following checklist for organizations to improve their cybersecurity practices:
Complete risk assessments for executive review, operational process and third-party vendors
Review security best practices and validate your organization's adoption or rationale for not adopting
Audit your data and review your data stewardship practices, including data lifecycle management
Complete a review of insurance needs including exclusions and pre-approval of coverage for any third-party services (such as cyber forensics, remediation provider, PR firm, etc.)
Establish and regularly test an end-to-end incident response plan including empowering 24/7 first responders
Establish/confirm relationships with data protection authorities, law enforcement and incident service providers
Review and establish forensic capabilities, procedures and resources (internal and third-party providers)
Develop communication strategies and tactics tailored by audience (e.g., messages to employees vs. messaging to media vs. notifications to customers)
Review remediation programs, alternatives and service providers
Implement ongoing employee training for incident response
Establish employee data security awareness and ongoing education on privacy, incident avoidance (password practices, how to recognize social engineering, etc.) and incident response
Understand the regulatory requirements, including relevant international requirements
"Our report findings indicate that cybercriminals are using their infiltration ability to focus on new, more lucrative attacks," Wilbur said in the release. "Staying up-to-date on the latest security safeguards and best practices is crucial to preventing attacks in the future."
For more, check out How to become a cybersecurity pro: A cheat sheet on TechRepublic.
Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays
How to become a cybersecurity pro: A cheat sheet (TechRepublic)
10 dangerous app vulnerabilities to watch out for (TechRepublic download)
Windows 10 security: A guide for business leaders (TechRepublic Premium)
Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
The best password managers of 2019 (CNET)
Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)
21 Aug, 2019  0  Comments
In August 2015, MTN Group and Liquid Telecom entered into a partnership to extend their footprint across Africa, exploring ways to jointly offer customers access to the largest fixed... ...Read More
20 Aug, 2019  0  Comments
In an interaction with ET CIO, Nikhil Taneja, MD (India, SAARC & Middle East), Radware shares what CISOs need to focus on to stay ahead in the cybersecurity game
CISOs constantly... ...Read More
by Ryan Dube
Updated August 13, 2019
People often store a lot of sensitive data inside an Excel workbook. A good way to protect that information is to... ...Read More
06 Aug, 2019  0  Comments
By Alison DeNisco Rayome in Security
Destructive attacks cost multinational companies $239 million on average, far more than the cost of a data breach, according to IBM... ...Read More
Sign up to receive our free newsletters!
We do not spam. We value your privacy!
© 2019 Just40days.com. All Rights Reserved. Developed by HariOm Technologies