Radware’s Global Application and Network Security Report 2016-2017 has found that hackers and companies agree on one thing: data is lucrative. According to the report, 49 percent of European businesses confirmed that ransom was the top attack motivation in 2016, an increase of nearly 100 percent from the 25 percent recorded in 2015. What’s more, 25 percent of European IT professionals surveyed said they were worried about a full or partial outage from cyber attacks, 23 percent said data leakage or loss was their key cyber security concern, 18 percent said reputation loss, 7 percent were concerned with service degradation and 6 percent feared customer or partner loss.
Despite this rise, the study revealed that less than half of European businesses interviewed claimed to be well prepared to fight ransom attacks with 44 percent having no cyber security emergency response plan in place. Additionally, 77 percent said they didn’t have cyber insurance for their business and 5 percent keep bitcoins on hand for ransoms.
The full report identifies 2016’s major attack trends, outlines industry preparedness, and gives insider views. The main findings included:
- 49 percent of European respondents reported that ransom was the top motivation behind cyber attacks they had experienced in 2016, followed by competition (30 percent), political hacktivism (27 percent), and insider threats (20 percent).
- Half of all organizations surveyed globally had experienced a malware or botnet attack in the past year, and 55 percent said that IoT complicates their detection or mitigation requirements as it increases the surface of the attack landscape making it harder to defend.
- Global respondents felt least prepared to defend against advanced persistent threats (43 percent).
- Massive DDoS attacks made headlines in 2016. These big attacks can do a lot of damage: Globally, 35 percent reported impact to their servers, 25 percent claimed damage to their Internet pipe, and 23 percent said large-scale attacks caused the failure of their firewall.
- More than 76 percent of European DDoS attacks reported by organizations were under 1 Gbps.
Key trends for 2017 from the report include:
- With the code for the Mirai IoT Botnet now available to the public, novice and sophisticated hackers are already adjusting and improving the code’s capabilities, tailoring it to meet their own cyber objectives. In 2017, exponentially more devices are expected to become targeted and enslaved into IoT botnets. IoT device manufacturers will have to face the issue of securing their devices before they are brought to market, as botnet attacks from these devices can generate large-scale attacks that easily exceed 1 Tbps.
- Ransom is the fastest-growing motive and technique in cyber attacks, as most phishing attempts now deliver ransomware. Today, threat actors focus their ransom attacks to target phones, laptops, company computers, and other devices that are a daily necessity. In the future, they may target lifesaving healthcare devices like defibrillators.
- Rise of permanent denial of service (PDoS) for data centre /center and IoT Operations: also known loosely as ‘phlashing’, PDoS is an attack that damages a system so badly that it requires replacement or reinstallation of the hardware itself. While these attacks have been around for a long time, they only appear sporadically. However, they can do a tremendous amount of damage. Radware anticipates that more threat actors will target the destruction of devices via PDoS attacks in the coming year.
- Telephony DoS (TDoS) is expected to rise in sophistication and importance, catching many by surprise. Cutting off communications during crisis periods, such as terror attacks, could impede first responders’ situational awareness, exacerbate suffering and pain, and potentially increase loss of life.
- Public transportation held hostage. From trains and planes to buses and automobiles, entire systems of transportation are becoming self-guided. This automation is meant to provide increased safety, improved reliability, and higher efficiencies. Most of this critical infrastructure may be vulnerable to threat actors looking to hijack public transportation or lock the system down with ransomware.