Healthcare Institutions Received More Attacks than Finance In 2018
Summarizing the outcomes of 2018, the experts noted an increase in the share of targeted attacks that grew throughout the year reaching 62 percent in Q4. By and large, targeted attacks became the favorite method of attackers (55 percent) in 2018, unlike the previous year.
The number of attacks aimed at data theft keeps growing. A statistical analysis of 2018 showed that attacker interest was mainly focused on personal data (30 percent), credentials (24 percent), and payment card information (14 percent).
In 2018, healthcare institutions in the U.S. and Europe were at the center of attention from hackers, receiving more attacks than even banks and finance. In addition to stealing medical information, hackers also demanded ransom for restoring the operability of computer systems. Hospitals were ready to pay hackers, patient lives being at stake. According to experts, attackers got hold of personal data and medical information of more than 6 million people.
DDoS attacks became more powerful. Thus, 2018 was marked by the two biggest DDoS attacks in history, reaching 1.35 and 1.7 terabits per second. IT companies were the second-most common target of DDoS attacks, after government institutions. Hackers disrupted the operations of internet service providers and game companies, which are particularly sensitive to downtime and equipment disruption.
In 2018, malware was used in 56 percent of attacks. Such popularity is caused by the fact that malicious software is becoming more and more available each year, which reduces the barrier to entry for cybercriminals. Attackers mostly used spyware and remote administration malware to collect sensitive information or gain a foothold on systems during targeted attacks.
As cryptocurrencies fell in price and mining became more difficult, the number of cyberincidents with miners decreased. The share of miners diminished from 23 percent in Q1 to only 9 percent in Q4 2018.
“We cannot help but see a significant increase in social engineering,” said Leigh-Anne Galloway, cybersecurity resilience lead at Positive Technologies. “Hackers use it in every third attack.” Various communications methods are leveraged, including email, chat clients, phone calls, SMS messages, and even postal mail.
Almost a quarter of attacks (23 percent) hit individuals. As for organizations, government institutions suffered in 19 percent of cases, whereas healthcare and financial institutions were targeted in 11 percent and 10 percent of cases, respectively.
In most cases, attackers hit corporate infrastructure (49 percent) and websites (26 percent).
In 2018, the number of unique incidents grew by 27 percent compared to the previous year. Attacker activity was at its peak in February, May, July, and at the end of the year, which according to experts can be linked to major sports competitions, such as Winter Olympic Games and FIFA World Cup.
“Boundaries between cybercrime and other criminal activity are rapidly blurring,” added Galloway. “A lot of attacks involve theft of data, not theft of funds. Hacking computer systems may be only a first step in major fraud schemes or tool in a cyberwar.” Stolen data can be used both against individuals, for example by taking out loans in someone else’s name, and against organizations and even governments (such as by stealing other people’s technologies and inventions).
A copy of the report is available here: https://www.ptsecurity.com/upload/corporate/ww-en/analytics/Cybersecurity-threatscape-2018-eng.pdf