The 2017 Global Threat Intelligence Report (GTIR) broke down the cyber security threats the world faced last year. Not only will we discuss some key features, but also ways to mitigate each threat.
73% of Malware Attacks were Distributed via Phishing Attacks
Emails with malicious intent, or phishing emails, proved to be the method of malware distribution in 2017. The risk of falling victim to phishing has been a well-covered topic, but mitigating the risk is still a struggle. Cyber criminals are using this distribution method for two primary reasons.
First, human error. Individuals tend to click without thinking. Users often don’t read what they’re clicking on, or read what they’re accepting. There lies the problem. People receive emails saying they need to open an invoice, receipt, tracking code, etc. and they do it without checking the legitimacy of the email.
Second, malware variants change every hour, in some cases, every few minutes. Therefore, security solutions using a traditional blacklist approach will not catch these unknown variants. If you put those two together, you have a human who is willing to download or approve just about anything, and a security solution that won’t catch it. It’s the perfect storm.
But, there’s a way to stop it. First, is cyber security awareness training for all users. Second, use a security solution that implements an automated whitelist technology. The whitelist will only allow known trust programs to execute, and block all unknown files. By implementing both, phishing attacks will be significantly less likely.
Adobe, Java and Internet Explorer Targeted by Cyber Criminals
According to the GTIR, the three technologies targeted most by hackers were Adobe, Java and Internet Explorer. Why? Because they’re known to not be updated in a timely fashion. The fix? Find a security solution or patch management service that automates the updating process. Therefore, once an update is available, it is done automatically. This will patch any security vulnerabilities found in the previous version, closing the open doors left open for hackers.
77% of all Ransomware was Within Four Industries
The GTIR also reported over three-quarters of 2017’s ransomware attacks that took place throughout the globe, hit four major industries. Twenty-eight percent hit the business and professional services industry, 19% hit government agencies, and the remaining 30% was split evenly between the retail and healthcare industries.
Last year, ransomware damage costs were expected to exceed $5 billion worldwide. This includes costs associated with ransom payments, company downtime, lost productivity, reputation damage, and remediation costs.
With primary sectors, such as the government and healthcare industries, being targeted, and the hefty price tag associated with these attacks, prevention has never been more critical. To properly prevent malicious cyber attacks, such as ransomware, users must do the following:
- Keep the operating system updated
- Ensure all programs and application, including the security solution, is updated
- Implement a security solution that utilizes an application whitelist technology
- Take part in cyber security training
- Disable Macros
- Evaluate administrative rights access, and remove all parties who do not need said access
By implementing the above suggestions, cyber security threats users worldwide face daily will be minimized drastically. Cyber security threats for 2018 will only continue to advance. How will you protect yourself?