Ransomware can take diﬀerent forms, but in its essence, it denies access to a device or ﬁles until a ransom has been paid.
In this manual, we discuss ransomware as PC or Mac-based malicious software that encrypts a user or company’s ﬁles and forces them to pay a fee to the hacker in order to regain access to their own ﬁles.
The hackers primarily use the following vectors to infect a machine: phishing emails, unpatched programs, compromised websites, poisoned online advertising, and free software downloads.
Download full document addressing Ransomeware Hostage today.
At first glance, August has been a quiet month for data breaches, with a total of 114,686,290 breached records. That’s about 10 percent of the monthly average coming into the month.
But that figure comes from 95 incidents in total, which is the highest number of breaches we’ve had all year.
Let’s take a look at those breaches in full in our slightly tweaked monthly list. After a reader suggestion last month, we’re also listing the UK-specific incidents in bold. Let us know if you like that change or if you have any other suggestions for future months.
Cybersecurity issues are becoming a day-to-day struggle for businesses. Trends show a huge increase in hacked and breached data from sources that are increasingly common in the workplace, like mobile and IoT devices.
Additionally, recent research suggests that most companies have unprotected data and poor cybersecurity practices in place, making them vulnerable to data loss.
We’ve compiled 60 cybersecurity statistics to give you a better idea of the current state of overall security, and paint a picture of how potentially dire leaving your company unsecure can be.
Data Breaches by the Numbers
The increasing amount of large-scale, well-publicized breaches suggests that not only are the number of security breaches going up — they’re increasing in severity, as well.
In 2016, 3 billion Yahoo accounts were hacked in one of the biggest breaches of all time. (Oath.com)
In 2016, Uber reported that hackers stole the information of over 57 million riders and drivers. (Uber)
In 2017, 412 million user accounts were stolen from Friendfinder’s sites. (LeakedSource)
In 2017, 147.9 million consumers were affected by the Equifax Breach. (Equifax)
According to 2017 statistics, there are over 130 large-scale, targeted breaches in the U.S. per year, and that number is growing by 27 percent per year. (Accenture)
Thirty-one percent of organizations have experienced cyber attacks on operational technology infrastructure. (Cisco)
100,000 groups in at least 150 countries and more than 400,000 machines were infected by the Wannacry virus in 2017, at a total cost of around $4 billion. (Malware Tech Blog)
Attacks involving cryptojacking increased by 8,500 percent in 2017. (Symantec)
In 2017, 5.4 billion attacks by the WannaCry virus were blocked. (Symantec)
There are around 24,000 malicious mobile apps blocked every day. (Symantec)
Including turnover of customers, increased customer acquisition activities, reputation losses and diminished goodwill the cost of lost business globally was highest for U.S. companies at $4.13 million per company. (Ponemon Institute’s 2017 Cost of Data Breach Study)
It’s crucial to have a grasp on the general landscape of metrics surrounding cybersecurity issues, including what the most common types of attacks are and where they come from.
Ransomware detections have been more dominant in countries with higher numbers of internet-connected populations. The United States ranks highest with 18.2 percent of all ransomware attacks. (Symantec)
Trojan horse virus Ramnit largely affected the financial sector in 2017, accounting for 53 percent of attacks. (Cisco)
Most malicious domains, about 60 percent, are associated with spam campaigns. (Cisco)
Seventy-four percent of companies have over 1,000 stale sensitive files. (Varonis)
Malware and web-based attacks are the two most costly attack types — companies spent an average of US $2.4 million in defense. (Accenture)
The financial services industry takes in the highest cost from cyber crime at an average of $18.3m per company surveyed. (Accenture)
Microsoft Office formats such as Word, PowerPoint and Excel make up the most prevalent group of malicious file extensions at 38 percent of the total. (Cisco)
About 20 percent of malicious domains are very new and used around 1 week after they are registered. (Cisco)
Over 20 percent of cyber attacks in 2017 came from China, 11 percent from the US and 6 percent from the Russian Federation. (Symantec)
The app categories with most cybersecurity issues are lifestyle apps, which account for 27 percent of malicious apps. Music and audio apps account for 20 percent. (Symantec)
The information that apps most often leak are phone numbers (63 percent) and device location (37 percent). (Symantec)
In 2017, spear-phishing emails were the most widely used infection vector, employed by 71 percent of those groups that staged cyber attacks. (Symantec)
Between 2015 and 2017, the U.S. was the country most affected by targeted cyber attacks with 303 known large-scale attacks. (Symantec)
In 2017, overall malware variants were up by 88 percent. (Symantec)
Among the top 10 malware detections were Heur.AdvML.C 23,335,068 27.5 2 Heur.AdvML.B 10,408,782 12.3 3 and JS.Downloader 2,645,965 3.1 (Symantec)
By 2020, the estimated number of passwords used by humans and machines worldwide will grow to 300 billion. (Cybersecurity Media)
With new threats emerging every day, the risks of not securing files is more dangerous than ever, especially for companies.
21 percent of all files are not protected in any way. (Varonis)
41 percent of companies have over 1,000 sensitive files including credit card numbers and health records left unprotected. (Varonis)
There’s no question that the situation with cybercrime is dire. Luckily, by assessing your business’s cybersecurity risk, making with company-wide changes and improving overall security behavior, it’s possible to protect your business from most data breaches.
Make sure you’ve done everything you can do to avoid your company becoming a victim to an attack. The time to change the culture toward improved cybersecurity is now.
There’s a new compiler at the helm of our monthly list of data breaches, following the departure of IT Governance stalwart Lewis Morgan, who leaves me with some mighty big shoes to fill.
Fortunately – or, rather, unfortunately – the new regime has a familiar ring to it, with another mammoth list of data breaches. By our count, there were at least 2,100,480,045 records compromised in March.
That brings the 2019 running total to 4.53 billion, and raises the monthly average to 1.52 billion.