Dive Brief:
-
Last year more than 2.9 billion records were compromised and those are just the ones publicly disclosed, according to an IBM X-Force report from international data collected between January 2017 and December 2017. However, the number of leaked records decreased by 25% in 2017 because of the large shift to ransomware attacks, which cost companies about $8 billion internationally.
- Financial services and information and communications technology are the most frequently attacked industries, representing 17% and 33% of all attacks in 2017, respectively, according to the report. More than three-quarters of the attacks were injection attacks, or ones where hackers input "code into a program or query or inject malware" onto a computer to manipulate it remotely, according to IBM.
-
Security breaches related to misconfigured cloud infrastructure skyrocketed 424% in 2017 and was largely due to human error.
Dive Insight:
Cyberattacks are much like the flu: same threat but a different strain.
But humans are almost as threatening as cyberattacks. Humans play a hand in their cyber woes, whether it be misjudgment, misconfiguration, outdated software or falling for a phishing scheme,
This was especially evident in 2017 when the evolution of ransomware effectively redefined the threat landscape.
WannaCry took advantage of human ignorance and the tendency to ignore software updates. The malware had paired itself with exploits leaked from the NSA, making a lethal cocktail of destruction. The cyberattack also marked itself one of the biggest attacks of its kind on record, according to the report.
Following WannaCry, Nyetya, also known as NotPetya, took shape in the form of a wiper. Though WannaCry reached more than double the number of countries Nyetya did, both succeeded in crippling critical infrastructure.
But both attacks are conjoined not by how much money they stole in ransom, but by their ability to distract from destruction and this is trend expected to mature and increase.