2017 Record Year for Cybersecurity Breaches, Ransomware and Exploits
GULF BREEZE, FL, JANUARY 25, 2018 — More than 14.5 billion emails laced with malware were sent in 2017 according to the annual Global Security Report issued by AppRiver. The majority of cyber threats were initiated in the US and persisted throughout the year, with significant peaks in August, September and October. The Global Security Report, based on data compiled globally by AppRiver’s SecureTide® and SecureSurf® filters, highlights recent trends in email and web-based spam and malware attacks, and offers insights and predictions regarding the 2018 cybersecurity landscape.
In the first half of 2017, 1.9 billion data records were lost or stolen as a result of cyberattacks. This followed a tough year in 2016, when losses totaled $16 billion and criminals pocketed approximately $1 billion in ransomware payments alone. Some of the largest publicly-disclosed breaches in 2017 ranged from compromised data at Equifax, affecting 143 million American consumers, to Yahoo updating the severity of its 2013 hack from 1 billion to approximately 3 billion customer accounts.
Significant Cybersecurity Attacks of 2017
Phishing and Malware Attacks: AppRiver observed a 1,000 percent increase in phishing efforts, including those tailored to gather user email login credentials, followed by an unparalleled spike in malware attacks launched from the compromised email accounts of users across all services, including Office 365, Gmail, Yahoo and AOL.
Malware-as-a-Service: Last year illustrated a significantly lower barrier-of-entry into cybercrime, with user profile names and credit card numbers readily available on the dark web and distribution of 20K messages for just $40. Some common attack types included:
DSD: AppRiver continued its reporting on Distributed Spam Distraction (DSD), which returned in strength last year. This attack fills inboxes with nonsense emails, simultaneously disguising a cybercriminal’s purchase or wire fraud activity in real time and distracting users from seeing legitimate email.
RAT: The Adwind Remote Access Trojan (RAT) provides hackers with remote control of malicious programs across Windows, Linux, Mac and Android devices. In 2017, RAT was often introduced to users in the form of fake payment confirmation emails.
Ransomware: Many new strains of ransomware arrived in 2017, including Cerber, Jaff, Nemucod, Spora and Petya/NotPetya. Some of the most prolific included:
WannaCry, which infected hundreds of thousands of computers worldwide, demanding a $300 bitcoin ransom.
Locky, which was distributed mainly by the Necurs botnet and sometimes arrived at the rate of 4 million messages per hour. Fortunately for AppRiver customers, the SecureTide filter caught nearly 1 billion messages that would have led to a Locky infection.
DDE Attacks: The Dynamic Data Exchange (DDE) protocol attacks produced highly targeted emails spoofing the Securities and Exchange Commission’s EDGAR, gaining further traction when the largest botnet (Necurs) began to distribute malicious DDE documents. During October of 2017 alone, AppRiver filters captured nearly 50 million malicious DDE-laced documents.
“At a time when most people thought cyberattacks couldn’t possibly get worse, 2017 dealt a harsh dose of reality with costly and more threatening data breaches,” said Troy Gill, security analyst for AppRiver. “The 2017 Global Security Report discusses how hackers leveraged known and previously unexploited vulnerabilities. It also includes actionable advice that every business leader should follow to temper the digital risk of attacks, breaches, spam and malware in 2018.”
What’s Ahead: 2018 Predictions
Large Data Breaches are on the Way: The volume of personal data stolen in the past year, such as with the Equifax breach, creates the potential for widespread fraud on a greater scale, creating hysteria for consumers and lenders alike.
Attacks from Trusted Sources: Between the resurgence in phishing attacks and the volume of stolen personal data available online, we expect to see more malicious attacks leveraged from hacked accounts and profiles.
New Federal Legislation: Expect security breach notification laws to be passed regarding incident handling and how breaches are reported to law enforcement, financial institutions and consumers.
State-Sponsored Attacks will Increase: This year will bring further challenges from the 2017 attacks from North Korea and Russia, and the distinction between criminal hackers and state-sponsored attacks will be more difficult to determine.
Cryptocurrency Theft and Mining: Bitcoin and Ethereum values skyrocketed in 2017, and malware authors will build upon capabilities to steal cryptocurrency payment information and wallets in 2018.
The worst is yet to come for IoT botnets: Internet of Things (IoT) devices are becoming popular with consumers. IoT botnets will continue to expand and increase in sophistication in 2018, producing intended and unintended physical consequences.
Best Practices for a More Secure 2018
To reduce exposure to malware attacks in 2018, AppRiver recommends businesses have the following technologies and procedures in place:
Antispam and antivirus solutions, including protection against Web-borne malware
Routine, mandatory software updates to patch known vulnerabilities and avoid providing an open door for hackers
Double authentication procedures as a safeguard against “whaling” and other highly targeted attacks
Formal security policies and ongoing training to ensure employees are aware of threats and risks, and stay apprised of their individual role in safeguarding the network
A full, complimentary copy of the 2017 Global Security Report is available at https://www.appriver.com/about-us/security-reports/global-security-report-end-of-year-2017/.
AppRiver also offers a wide array of cloud-based security solutions free for 30 days at www.appriver.com/trial.
About AppRiver
AppRiver offers cloud-based cybersecurity and productivity services to over 60,000 companies worldwide. Launched in 2002, with spam and virus filtering as its flagship service, AppRiver has since added web malware protection, email encryption, secure archiving, and email continuity to its suite of security services. The company also has established itself among the world’s top providers of Office 365 and Secure Hosted Exchange mailboxes. All services are offered on a pay-as-you-use basis backed by its fully supported and award-winning 24/7 white-glove Phenomenal Care™ customer service. AppRiver is headquartered in Gulf Breeze, Florida and maintains offices in Georgia, Texas, Switzerland and Spain. For more information, please visit www.appriver.com.