On Tuesday July 9, 2019 the Internet Society’s Online Trust Alliance (OTA) released its 11th Cyber Incident & Breach Trends report, which provides an overview of cyber incidents – and offers steps organizations can take to prevent and mitigate the potential damage. This year’s report found a shifting landscape of cyber incidents. As the growth of some attack types levels off, others increase.
Adding it all up, OTA estimates that there were more than 2 million cyber incidents in 2018, and it is likely that even this number significantly underestimates the actual problem. OTA estimates an overall financial impact of at least $45 billion worldwide. The lead categories of attacks are cryptojacking (1.3 million) and ransomware (500,000), followed by breaches (60,000), supply chain (at least 60,000 infected websites), and Business Email Compromise (20,000).
There are many organizations that track data breaches overall. For example, Risk Based Security Reported the highest number at 6,515 breaches and 5 billion exposed records, both down from 2017. These estimates vary depending on their methodologies – see our full report for all of the breach estimates and our methodology.
One well-established attack type, ransomware, saw a decline in 2018. However, the total dollar value of these attacks continues to grow. Another well-known attack is Distributed Denial of Service (DDoS). Examples of successful DDoS attacks in 2018 range from banking (ABN AMRO) to education (Infinite Campus) to email services (ProtonMail) to software services (GitHub).
Business Email Compromise, where employees are deceived into sending funds to attackers posing as employees of a firm, also grew. The FBI’s 2018 Internet Crime Report reported more than 20,000 incidents in the U.S., resulting in nearly $1.3 billion in losses (an increase from approximately 16,000 incidents and $677 million in losses in 2017).
New to this year’s report is cryptojacking, which saw a marked increase in 2018. Trend Micro detected more than 1.3 million instances of cryptojacking code in 2018, a greater than three-fold increase from 2017. Supply chain attacks, also new to the report, grew as well. Symantec’s Internet Security Threat Report reported a 78% growth in supply chain attacks.
Other attack categories are based on the shifting infrastructure of the Internet. Many businesses rely on cloud services for some or all of their operations and as a result have become a target for attacks. One estimate by research firm Digital Shadows found that in 2018 there were 1.5 billion files exposed around the world solely due to misconfigurations in cloud services.
IoT devices are increasingly becoming tools to carry out various types of attacks, from DDoS to cryptojacking. Kaspersky Labs reported that in the first half of 2018 they saw a three-fold increase in the number of malware variations used to attack IoT devices.
But the report offers advice on how organizations can better prevent and mitigate cyber incidents. Organizations can use the OTA IoT Trust Framework to help make the entire IoT ecosystem safer. They can also follow the recommendations in the Cyber Incident & Breach Trends report.
While the landscape of cyber incidents is both vast and shifting – and may include new attack types – the guidance offered in the report remains largely unchanged. Organizations must remain vigilant and assume that at some point they will have to deal with a cyber incident. Following the recommendations in the Cyber Incident & Breach Trends report is a good first step.