2018 was a more expensive year for businesses that were victims of cyber-attacks than previous years. Hackers and other malicious actors adopted innovative strategies for penetrating business networks and remaining undetected for longer periods. The 2018 Cost of a Data Breach Study conducted by the Ponemon Institute showed a 2.2 percent increase in the average size of data breaches compared to 2017. The average total cost of a data breach also rose in 2018, from $3.62 million to $3.86 million, a 6.4 percent increase. In addition, the average price of each lost record increased from $141 to $148, an increase of 4.8 percent.
Let us review some of the strategies that hackers used to successfully penetrate the networks of their victims in 2018. Reviewing them can help you strengthen your business, whether you were a victim or not.
1) FILELESS ATTACKS
Fileless attacks—also known as zero-footprint attacks, macro attacks, or non-malware attacks—are cyber-attacks that occur without the need to install new software on the end user’s device. As a result, fileless attacks can evade traditional security and forensic tools. With fileless attacks, hackers use approved applications already installed on the end user’s device. When the end user clicks on a malicious link or document, the code opens pre-installed programs, such as Windows PowerShell or Windows Management Instrumentation, which the code uses to locate and transfer the user’s data to the hacker.
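Because nothing new is installed, the observable trace of the behaviour described above is a document-handling application starting PowerShell or the WMI command line. The following is an added example, not code from the original article: a minimal triage of process-creation events whose field names follow Sysmon Event ID 1, where the sample events, host names and application lists are constructed assumptions.

```python
import ntpath
import re

# Constructed process-creation events; field names follow Sysmon Event ID 1
# (Image, ParentImage, CommandLine). None come from a real incident.
OFFICE = "C:\\Program Files\\Microsoft Office\\root\\Office16\\"
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
SAMPLE_EVENTS = [
    {"host": "ws-014", "ParentImage": OFFICE + "WINWORD.EXE", "Image": PS,
     "CommandLine": "powershell.exe -NoProfile -WindowStyle Hidden "
                    "-EncodedCommand <constructed-placeholder>"},
    {"host": "ws-014", "ParentImage": r"C:\Windows\explorer.exe", "Image": PS,
     "CommandLine": "powershell.exe"},
    {"host": "ws-022", "ParentImage": OFFICE + "EXCEL.EXE",
     "Image": r"C:\Windows\System32\wbem\WMIC.exe",
     "CommandLine": "wmic os get caption"},
    {"host": "ws-031", "ParentImage": OFFICE + "OUTLOOK.EXE",
     "Image": OFFICE + "WINWORD.EXE", "CommandLine": "WINWORD.EXE /n report.docx"},
]

# Assumed lists: programs that open documents or links, and the built-in
# tools named in the text (PowerShell, WMI command line).
DOCUMENT_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
BUILTIN_TOOLS = {"powershell.exe", "pwsh.exe", "wmic.exe"}

# Command-line traits that raise severity when the lineage already matches.
COMMAND_LINE_HINTS = {
    "encoded command": re.compile(r"(?:^|\s)-(?:enc\w*|ec|e)\b", re.I),
    "hidden window": re.compile(r"(?:^|\s)-w(?:indowstyle)?\s+hidden\b", re.I),
}

def triage(event):
    """Return an alert dict if a document app launched a built-in tool, else None."""
    parent = ntpath.basename(event["ParentImage"]).lower()
    child = ntpath.basename(event["Image"]).lower()
    if parent not in DOCUMENT_APPS or child not in BUILTIN_TOOLS:
        return None
    reasons = [f"{parent} spawned {child}"]
    reasons += [label for label, pattern in COMMAND_LINE_HINTS.items()
                if pattern.search(event["CommandLine"])]
    severity = "high" if len(reasons) > 1 else "medium"
    return {"host": event["host"], "severity": severity, "reasons": reasons}

def scan(events):
    """Triage every event and keep only the alerts."""
    return [alert for alert in map(triage, events) if alert]

if __name__ == "__main__":
    for alert in scan(SAMPLE_EVENTS):
        print(alert)
```

PowerShell started from the desktop shell and Outlook opening Word are left alone; only the document-to-tool lineage raises an alert, and command-line traits adjust its severity.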
Between January and June of 2018, there was a 94 percent increase in the use of fileless attacks by hackers. At present, fileless attacks comprise 42 out of every 1,000 attacks. The Equifax breach, which resulted in the compromise of 148 million records, was executed using fileless malware. Equifax downloaded vulnerable versions of the Apache Struts open-source software package that were exploited by hackers.
2) CRYPTOJACKING
Cryptojacking is the illegal use of an end user’s device to mine cryptocurrency. Most times, the end user is unaware that the device has been commandeered, letting the hacker work unseen in the background. Affected devices or networks can experience several adverse effects, including performance degradation, increased power consumption, and hardware degradation.
In 2018, there was an increase in the incidence of cryptojacking as hackers shifted away from using ransomware as their preferred cyber-attack strategy; between January and June, cryptojacking increased by nearly 1,000% and 47 new cryptocurrency miner families were detected. Examples of some applications that were used by hackers for cryptojacking in 2018 include Google DoubleClick and adware ICLoader; users clicking on these applications had their devices hijacked and used for illicit crypto-mining.
3) EMAIL PHISHING
Despite the increase in public awareness, email phishing increased by 46% in the first quarter of 2018. Users clicked on attachments or links within emails they received or on websites, allowing hackers to install malware that compromised their devices and, in some instances, entire networks. Traditionally, phishing attacks were hosted on websites that used HTTP rather than HTTPS with SSL certificates. As users have learned to look for HTTPS, however, phishing attacks are increasingly being carried out on websites with HTTPS; unsuspecting users click on links on these websites because they are fooled into thinking that the links are legitimate. More than one-third of phishing attacks were conducted using websites with HTTPS and SSL certificates in the second quarter of 2018. The sectors most targeted by these phishing attacks in 2018 were:
- Payment (39.4 percent)
- Software-as-a-Service (18.7 percent)
- Financial institutions (14.2 percent)
- Cloud storage/file hosting (11.3 percent)
As we begin 2019, cyber-attacks are poised to become an even greater threat to businesses as hackers develop more innovative ways to compromise business networks for malicious purposes. As such, you should seek out the experts at Orenda Security to keep your network protected. With our expertise in cloud security, dynamic testing, and penetration testing, we ensure that all access points to your network are continuously monitored and fully protected.