ChannelVision Magazine
said Jeff Wilbur, director of the OTA initiative at the Internet Society. “This year’s big increase in cyberattacks can be attributed to the skyrocketing instances of ransomware and the bold new methods of criminals using this attack.”

In the report, OTA also concluded that 93 percent of breaches could have been avoided had simple steps been taken, such as regularly updating (“patching”) software, blocking fake email messages by using email authentication and training people to recognize phishing attacks.

Of the reported breaches in 2017, OTA found that 52 percent were the result of actual hacks, 15 percent were due to lack of proper security software, 11 percent were due to physical skimming of credit cards, 11 percent were due to a lack of internal controls preventing employees’ negligent or malicious actions and 8 percent were due to phishing attacks.

“Regular patching has always been a best practice, and neglecting it is a known cause of many breaches, but this received special attention in 2017 in light of the Equifax breach,” said Wilbur. “In 2018, we expect patches to play an even more integral role due to the recently discovered Spectre and Meltdown vulnerabilities, where nearly every computer chip manufactured in the last 20 years was found to contain fundamental security flaws.”

Spotlight on Ransomware

Ransomware, in which a bad actor uses malware to infect a machine and encrypt all files, rendering them useless unless a payment is made, was a major story in 2017. This will continue to be a major issue across the globe if trends continue, with 54 percent of organizations in the Sophos State of Endpoint Security Today survey experiencing an attack in the last year, and a further 31 percent expecting to be victims of an attack in the future.
The survey, which polled more than 2,700 IT decision makers from midsized businesses in 10 countries worldwide, including the U.S., Canada, Mexico, France, Germany, UK, Australia, Japan, India and South Africa, found that, on average, respondents impacted by ransomware were struck twice.

To boot, the damage goes far beyond the loss of the ransom or paying for mitigation. According to the report, the median total cost of a ransomware attack was $133,000, which includes downtime, manpower, device cost, network cost and lost opportunities. A few (5 percent) of those surveyed reported $1.3 million to $6.6 million as total cost.

“Ransomware is not a lightning strike – it can happen again and again to the same organization. We’re aware of cybercriminals unleashing four different ransomware families in half-hour increments to ensure at least one evades security and completes the attack,” said Dan Schiappa, senior vice president and general manager of products at Sophos. “If IT managers are unable to thoroughly clean ransomware and other threats from their systems after attacks, they could be vulnerable to reinfection.

“No one can afford to be complacent,” said Schiappa. “Cybercriminals are deploying multiple attack methods to succeed, whether using a mix of ransomware in a single campaign, taking advantage of a remote access opportunity, infecting a server or disabling security software.”

This relentless attack methodology combined with the growth in ransomware-as-a-service, the anticipation of more complex threats and the resurgence of worms such as WannaCry and NotPetya puts businesses in

Cyber Patrol

[Chart: “What types of security breaches have you suffered in the past 12 months?” (of the 283 who reported a breach in the past 12 months). Series: US, UK, Total. Source: SolarWinds MSP]

[Chart: “Hit by ransomware, by sector” (respondents answering “Yes, we have been hit by ransomware in the last 12 months”). Source: Sophos; Vanson Bourne]

Channel Vision | January - February, 2018 14