2016 Cyber breach: likely the greatest threat of our lifetime. Kaspersky Lab has released a summary of the major incidents of 2016 and a look ahead at what may happen in 2017.
In 2016, the world’s biggest cyber threats were related to three things:
- Desire to disrupt.
The notable threats included the underground trade of tens of thousands of compromised server credentials, hijacked ATM systems, ransomware and mobile banking malware – as well as targeted cyber-espionage attacks and the hacking and dumping of sensitive data. These trends, their impact and the supporting data are covered in the annual Kaspersky Security Bulletin Review and Statistics reports.
In 2016 Kaspersky Lab research also discovered the extent to which companies struggle to quickly spot a security incident:
- 7 percent said it took them several days to discover such an event.
- 19 percent admitted it took weeks or more.
- For 7 percent, it took months.
Among those that struggled most, eventual discovery often came about through an external or internal security audit, or an alert from a third party, such as a client or a customer. Further details on how a delay in detection impacts business recovery costs can be found in the Executive Summary of the review.
- The underground economy is bigger and more sophisticated than ever: just look at xDedic – the shady marketplace for more than 70,000 hacked server credentials that allowed anyone to buy access to a hacked server, for example one located in an EU country’s government network, for as little as $6.
- The biggest financial heist did not involve a stock exchange as expected: instead it used SWIFT-enabled transfers to steal $100 million.
- Critical infrastructure is worryingly vulnerable on many fronts: as revealed at the end of 2015 and into 2016 by the BlackEnergy cyberattack on the Ukrainian energy sector, which included disabling the power grid, wiping data and launching a DDoS attack. In 2016 Kaspersky Lab experts investigated industrial control threats and discovered thousands of hosts around the world exposed to the Internet, with 1% carrying vulnerabilities that can be exploited remotely.
- Targeted attacks can have no pattern: shown by the ProjectSauron APT, an advanced, modular cyber-espionage group that customized its tools for each target, reducing their value as Indicators of Compromise (IoCs) for any other victim.
- The online release of vast volumes of data can directly influence what people think and believe: as evidenced by the ShadowBrokers and other personal and political data dumps.
- A camera or DVD player could become part of a global Internet-of-things (IoT) cyber-army: as the year ends it is clear that the Mirai-powered botnet attacks are only the beginning.
Download the reports…they are rich with information and worth your time.
Kaspersky 2016 Summary
Kaspersky 2017 Predictions