Trustwave report highlights biggest cybersecurity trends of today>
Security Brief – Asia – Catherine Knowles
The 2020 Trustwave Global Security Report highlights key trends around cyber criminals activity and success rate, looking at specific technology, methods, industries and scams. Attacks on cloud services has more than doubled. Corporate environments continue to lead all environments targeted by cybercriminals at 54%, slightly down 2%, followed by ecommerce at 22%, down 5%, when compared to 2018. Cloud services also saw the biggest increase and is now the third most targeted environment accounting for 20% of investigated incidents, up significantly from 7% the previous year, Trustwave finds. half of all incidents investigated by Trustwave analysts were the result of phishing or other social engineering tactics, up from 33% in 2018. Interestingly, the 1,250% surge of cyrptojacking malware observed in 2018 used to place JavaScript coin miners on websites or infect carrier-grade routers all but vanished in 2019, after crypto mining service Coinhive shut down. The monetary return of encrypting specific computer files or entire systems and demanding payment accounted for 18% of breach incidents observed in 2019, up from 4% in 2018. By comparison, the success of ransomware was slightly higher than the total percentage of incidents involving card-not-present and track data at 17%. Meanwhile, findings show a notable decrease in the volume of spam email targeting organisations from 45.3% in 2018 to 28.3% in 2019. Trustwave states this is due to several large spamming operations reducing activities or vanishing altogether. Of the spam analysed in 2019 by Trustwave, only 0.2% contained malware down from 6% the previous year. Also in the realm of malware, downloaders at 24.9% made a significant jump in the largest single category of malware encountered, up from 13% in 2018. Also in the realm of malware, downloaders at 24.9% made a significant jump in the largest single category of malware encountered, up from 13% in 2018. Furthermore, 67% of exploits used against service providers involved CVE-2014-0780 giving remote attackers the ability to read administrative passwords in app files and execute arbitrary code in unspecified web requests. Finally, for a second consecutive year, the Asia-Pacific region led in the number of data compromises investigated, accounting for 37% of instances, up 2% from 2018 and 7% from 2017. North America followed at 33% slightly rising 3% from 2018; Europe, Middle East and Africa came in third at 25% and Latin America & Caribbean (LAC) at 4%. The retail sector led the number of incidents at 24% jumping 6% compared to 2018. The financial industry came in second at 14% and hospitality third at 13% up 3% since 2018.
Link: https://securitybrief.eu/story/trustwave-report-highlights-biggest-cybersecurity-trends-of-today