Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Ransomware Attacks Doubled in 2017, Verizon Reports

    Written by

    Sean Michael Kerner
    Published April 10, 2018
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      Ransomware attacks grew significantly in 2017, doubling in volume from the year earlier, according to Verizon’s 2018 Data Breach Investigations Report, which was released on April 10.

      Verizon’s 2018 DBIR reveals insights on the state of data breaches, derived from analysis of over 53,000 security incidents and 2,216 breaches.

      The doubling of ransomware attacks from the volume reported in last year’s DBIR wasn’t the only high-level finding in this year’s report. Verizon also noted a spike in financial pretexting attacks, where hackers aim to gain personal information about individual’s tax returns. In terms of where breaches are coming from, Verizon reported that 72 percent of attacks were perpetrated by outsiders.

      “This year we saw a second year of surging ransomware that was incredible, but not altogether unexpected,” Gabe Bassett, senior information security data scientist at Verizon Enterprise Solutions, told eWEEK. “Ransomware doubled in 2016, and it doubled again in 2017.”

      Ransomware was found in 39 percent of malware-related security incidents examined by Verizon for the 2018 DBIR. Bassett said Verizon somewhat expected ransomware to grow, since it offers a good value proposition for attackers.

      “Ransomware is easy to exploit; you just have to get someone to run an attachment,” he said. “We know from our phishing data that in any campaign an average of 4 percent of people will click an attachment.”

      Bassett added the ransomware is relatively easy for hackers to monetize with cryptocurrency and the attack vector has become commoditized with multiple ransomware-as-a-service offerings.

      Financial Pretexting

      Social engineering attacks are not a new category for Verizon’s DBIR, though in 2017, Bassett said there was a rise in an emerging form of attack known as financial pretexting. In a financial pretexting attack, a hacker calls a company claiming to be a corporate executive and asks for a financial transfer. Verizon found that in 2017 there was an increase in financial pretexting going after W2 tax information.

      “In the tax information attacks, it’s a more subtle attack. You’re not asking someone to make a $40,000 transfer; you’re just asking for some documents,” Bassett said. “But those documents have substantial value for use in tax fraud.”

      Breach Discovery

      A key metric tracked by Verizon is the time to detection for a data breach. Verizon reported that 87 percent of breaches took “minutes or less” for attackers to gain access. In contrast, 68 percent of breaches were undiscovered by organizations for one or more months.

      Since 2014, Verizon has identified nine basic attack patterns into which nearly all attacks can be categorized: point-of-sale (POS) intrusions, web application attacks, insider misuse, theft and loss, miscellaneous errors, crimeware, payment-card skimmers, denial-of-service attacks and cyber-espionage. For the 2018 report, the top category for breaches was web applications, followed by miscellaneous errors.

      VERIS

      While the data collected by Verizon for its annual DBIR is noteworthy, as it shows trends in the breach landscape, so too is the process and technology used for analysis.

      The technology behind Verizon’s DBIR is known as the Vocabulary for Event Recording and Incident Sharing, or VERIS, which is a framework for understanding and recording security breaches. In 2014, Verizon first made VERIS publicly available on the GitHub social coding site. Bassett said VERIS has been enhanced significantly in recent years to help automate data collection and analysis.

      “We’ve really evolved from a manual process that several years ago was Excel spreadsheets,” Bassett said. “We now have a workflow using Apache Airflow which takes in all the raw data every night, generates the data frame and generates all of our analyses.”

      Verizon is continuing to make improvements to VERIS that will enable the company to include new types of analysis when the 2019 DBIR is released next year.

      “We have started to collect path data, so instead of thinking of data breaches as a single point in time, we’re collecting information on the path a breach has taken,” Bassett said. “We have a basic capability to do that now, and we’re working to improve the underlying data structure to better support that.”

      Looking Forward

      Bassett doesn’t expect that the volume of attacks and data breaches will decline in 2018, though he is optimistic that positive changes can occur.

      “There are a lot of targets and any attacker can breach someone, and some attackers can reach everyone,” he said. “But what’s important to remember is that not every attacker has to be able to breach you and your company.”

      Organizations that implement security best practices and controls can limit their risks and avoid becoming a statistic in the DBIR, Bassett said. That said, he noted that for every organization that does better, there is likely another organization that hasn’t done the work and will become a new target for an attacker.

      “We’ll probably have just as many breaches next year because the attackers are saturated, but your organization doesn’t have to be the one being breached; it can be someone else,” he said.

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Sean Michael Kerner
      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and writer for several leading IT business web sites.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×