Despite malware attacks becoming less common
since Q1 2018, they are still the top attack method, according to new research
from Positive Technologies.
In its Q2 2018
Cybersecurity Threatscape, Positive Technologies found that the
number of unique cyber incidents grew by 47% from the same period last year,
while malware attacks dropped from 63% in Q1 to 49% in Q2. Credential
compromises more than doubled between Q1 (7% of all attack methods) and Q2
(19%).
The report also found that most unique
cyber incidents were targeted attacks on companies, their clients and cryptocurrency
exchanges. Attackers used malware and made efforts to exploit zero-day
vulnerabilities. Additionally, they leveraged social engineering tactics to
steal administrator passwords and accessed partner companies in pursuit of
their targets.
Both May and June saw twice as many attacks as were reported in Q1
2017. During Q2, hackers stole more than $100 million from cryptocurrency
platforms. In addition to cryptocurrency, attackers were also out to obtain
data in the second quarter of 2018. In fact, in 40% of the attacks, obtaining
information was the apparent motivation, while 39% of attackers were conducted
for financial gain. Most often, attackers compromised online platforms and
e-commerce sites to steal personal data, credentials and credit cards.
Information is in high demand on the dark
web, with a reported 59% of the supply offered consisting of users credentials.
With the stolen credentials, attackers can access a variety of sites and
services, including banks.
“We took a look at which information attracted
hackers the most in Q2 2018. At the top of the list are personal data (30%) and
account credentials (22%), such as for online banking. Credit and debit card
information (15%) was obtained most often by using spyware or via compromised
websites,” Positive Technologies
wrote.
Targeted
attacks against companies and organizations represented 54% of the total Q2
2018 attacks, though only 15% of attacks were against government.
Infrastructure was the target of 44% of attacks this second quarter, while attacks
on web resources grew nearly 10 points from 23% in Q2 2017 to 32% in 2018.
No comments:
Post a Comment