[SHOCKER] Internet Security is Getting Worse
An IBM study of Internet security was released this week, and the news is both surprising and depressing. Data breaches, denial of service attacks, and ransomware are up by over 500%. Spam and phishing are also on the rise. Here's what you need to know...
The State Of Network Security Is Awful
A record increase in stolen data and ransomware extortion incidents has security experts sounding the alarm. The IBM X-force Threat Intelligence Index released in March 2017, shows a 566% increase in stolen records, from 600 million in 2015 to more than 4 BILLION in 2016. Accordingly, the IBM report is subtitled "The year of the mega breach." Simultaneously, ransomware has grown from an occasional nuisance to a worldwide plague. Spam, once on the decline, ballooned 400%. That’s not good news.
IBM’s annual index is based on observations of more than 8,000 monitored security clients in 100 countries and data derived from non-client assets such as honeypots (servers deliberately set up to attract hackers) and spam sensors. IBM X-force records 8 million spam and phishing attacks daily, and analyzes 37 billion web pages and images for hidden threats.
Not everything in the Threat Intelligence Index directly pertains to consumers’ home computers. But when computers at companies both large and small are breached, the leaks of passwords, credit card details, and other personal data have powerful impacts on end users. Ransomware and phishing attacks, on the other hand, are often directed at consumers.
The bad guys are increasingly targeting unstructured data - email archives, business documents containing trade secrets, source code, etc. That’s because the value of structured data like passwords and credit card details has plummeted due to supply far outstripping demand. In other words, crooks have stolen more structured data than they can use, for now at least.
Ransomware is a billion dollar per year industry now. IBM Security found that 70% of businesses hit by ransomware paid over $10,000 to get their systems unlocked or their data decrypted. In the first three months of 2016, the FBI estimated that businesses paid $209 million in ransoms, an annual rate of over $800 million. And those are just the reported cases.
In my September 2015 article, Spammers and Scammers in the Slammer, I reported on many high-profile spammers who had been caught and sentenced to prison. But the focus of spam has shifted from selling products to delivering ransomware. Ransomware attacks are delivered as attachments to spam emails in many cases. This tactic fueled a 400% increase in spam during 2016. About 44% of spam emails included malicious attachments, and 85% of those were ransomware.
Healthcare was the most-targeted industry in 2015. Hackers switched to financial services in 2016. But while financial services saw the most attacks last year, the industry finished third in total number of compromised records. The lower success rate indicates that continued investments in security have had positive effects.
Healthcare systems continued to see a high number of attacks, but the focus was on smaller healthcare information systems, so the number of compromised records was relatively small - “only” 12 million. In 2015, over 100 million healthcare records were stolen. The shift to smaller targets suggests that large healthcare systems have beefed up their security compared to their smaller brethren.
Information and communication services, i. e., Yahoo and mobile data service providers, experienced the largest number of attacks and records leaks in 2016 - 3.4 billion records leaked in 85 breaches. Government victims had 398 million records stolen in 39 successful attacks.
Cybercrime is virtually invisible to consumers until a massive data leak makes news headlines. But it’s clear from the IBM X-force Security Index that the war between black hats and white hats is raging ever higher.
Home users must be well informed and vigilant. Anti-virus protection is your first line of defense. See my recommended Free Anti-Virus Programs, and be extra cautious with emails that contain attachments. I still recommend that you personally contact the sender to make sure they intended to send you the attached file, even if they are friend or family.
IBM encourages businesses to implement best practices for information security, and to share findings across the security community. By reacting quickly and sharing details widely, cybercrime will become less financially viable for attackers.
Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 30 Mar 2017
|For Fun: Buy Bob a Snickers.|
Geekly Update - 29 March 2017
The Top Twenty
Is Online Privacy History?
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005
- Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- [SHOCKER] Internet Security is Getting Worse (Posted: 30 Mar 2017)
Copyright © 2005 - Bob Rankin - All Rights Reserved