HaltDos CYBER THREAT INSIGHTS REPORT
2019
www.haltdos.com
Executive Summary

This report gives an overview of insights into cyber attacks and data breaches. It also highlights the motives behind today's emerging cyber-attacks. The cyber threat insights report combines statistical research and frontline experience to identify cybersecurity trends that are crucial to enterprises as they determine long-term growth strategies.

Contents
- General Trends
- DDoS Trends
- Application Attack Trends

General Trends

Motivations behind cyber-attacks

The motivation for attacks remained almost consistent over the year, but the responses for “motive unknown” almost tripled in 2018.
92% of companies attacked just once reported a form of theft.
76% of organizations reported multiple assaults, while those attacked once rose to 92%.
Cyber Threats (2018-2019)

Below is an overview and comparison of the threat landscape of 2018 with that of 2017:

| Rank | Top Threats 2017 | Top Threats 2018 |
|---|---|---|
| 1 | Malware | Malware |
| 2 | Web Based Attacks | Web Based Attacks |
| 3 | Web Application Attacks | Web Application Attacks |
| 4 | Phishing | Phishing |
| 5 | Spam | DDoS |
| 6 | DDoS | Spam |
| 7 | Ransomware | Botnets |
| 8 | Botnets | Data Breaches |
| 9 | Insider threat | Insider threat |
| 10 | Physical manipulation/damage/theft/loss | Physical manipulation/damage/theft/loss |
| 11 | Data Breaches | Information Leakage |
| 12 | Identity Theft | Identity Theft |
| 13 | Information Leakage | Cryptojacking |
| 14 | Exploit Kits | Ransomware |
| 15 | Cyber Espionage | Cyber Espionage |

Legend. Assessed trends: declining, stable, increasing. Change in ranking: going up, same, going down, new.
Monthly Attacks (2018 - 2019)

The chart below compares the total events of 2017 and 2018 on a monthly basis. Clearly, with the sole exception of August, the level of activity was consistently higher in 2018.

Most Common Types of Cyber Attacks

Malware/bot attacks, phishing and DDoS attacks have increased over the year.
64% of organizations have experienced a PHISHING ATTACK in the past year.
24% of organizations have experienced a DDoS ATTACK in the past year.
Fileless Attacks are evolving

Attackers are moving away from using malicious .exe files to package and deploy malware, which represents a major change in the way attacks are carried out. The graphs below show that the adoption of fileless attack techniques has increased over the years, while file-based attacks have decreased since 2018.
[Charts: File Based Attacks; File Less Attacks]
77% of attacks that successfully compromised organizations used fileless techniques.
Industries Most Vulnerable to Cyber Attacks

Some industries are extremely vulnerable to cyber attacks because of the data servers and networks that they rely on. With the growing dependency on technology, no industry or organization is safe from cyber attack; the higher the dependency on online technology, the higher the scope of vulnerability. According to research, the Finance and Healthcare sectors are the most vulnerable to cyber attacks. SMEs and Government agencies are very vulnerable. The media, manufacturing and energy sectors are the least vulnerable to cyber attacks.

Most vulnerable to least vulnerable industries
Small and Medium-Sized Businesses
Healthcare
Financial Institutions & Banks
Government
Energy Industry
Manufacturing
Cyber Attacks by Region in 2018

[Figure: four panels (Global, Americas, EMEA, APAC); categories: Botnet, Banking, Ransomware, Cryptominers, Mobile; percentage axis]
It is observed that ransomware is no longer at the top of the malware list. Ransomware dropped from 30% at its peak in 2017 to less than 4% in 2018.
Cyber Security Statistics
- Antivirus solutions have been replaced by next-generation endpoint cyber security solutions
- Major cyber attacks are projected to utilize fileless techniques in 2018
- Ransomware is down, cryptomining is up
- The total cost of a successful cyber attack is over $5 million
- It takes organizations an average of 191 days to identify data breaches
- 56% of IT decision makers agree that phishing attacks are one of the top security threats for them
- The Equifax data breach of 2017 impacted 143 million U.S. citizens
- Only 38% of global organizations claim they are prepared to handle a sophisticated cyber attack

69% of organizations believe their antivirus can't stop the threats they're seeing.
61% of organizations have experienced an IoT security incident
DDoS Trends

DDoS Attacks

In addition to the WannaCry ransomware attack, Distributed Denial of Service (DDoS) attacks have increased since mid-2017. In 2017, attackers continued to use reflection/amplification techniques to exploit vulnerabilities in DNS, NTP, SSDP, CLDAP, Chargen and other protocols to maximize the scale of their attacks. The largest attack reported in 2017 was 600 Gbps. On Wednesday, February 28, 2018, GitHub was hit by a DDoS attack of 1.35 terabits per second (Tbps), the largest distributed denial-of-service (DDoS) attack on record.

“Burst attacks” increasing in complexity, frequency, and duration

One of the most significant DDoS attack trends observed is the increase in “Burst attacks”, which put gaming websites and service providers at high risk.
42% of attackers have found a number of ways to employ DDoS attacks.
85% of organizations hit with DDoS ‘Burst Attacks’

DDoS Attack Statistics by Quarter

In 2018, there was 13% less DDoS activity than in the previous year. The graph below shows the quarterly comparison of the number of DDoS attacks in 2017–2018 (100% = number of attacks in 2017).

Most Common Type of DDoS Attack in 2018

The graph below shows the percentage share of the most common types of DDoS attack in 2018.

Quarterly DDoS Attacks Geography

The top targeted country is still China, with its share changed (50.43% in Q4, against 77.67% in Q3). China was one of the most targeted countries in every quarter of 2018. Hong Kong was the second most targeted country in Q2 2018.
DDoS Attack Statistics
- The frequency of DDoS attacks has increased more than 2.5 times over the last 3 years
- The average size of DDoS attacks is increasing and approaching more than 1 Gbps
- IoT botnet attacks have increased over the years
- A new DDoS attack vector has emerged: the Memcached/Memcrashed DDoS attack
- DDoS attacks were 37% larger on average in the first six months of 2018 compared to the first six months of 2017
- Large-scale DDoS attacks increased in size by 500%
- Organizations faced 8 attacks per day in Q2 2018, an increase of 40% over Q2 2017
90% of remote code execution attacks are associated with cryptomining.
40%: DDoS attacks have increased from mid-2017 to mid-2018
174%: Maximum size of DDoS attacks has increased globally
Application Attack Trends

Most Common Web App Vulnerabilities

The dominant category this year was by far injections, with 19% (3,294) of the total vulnerabilities of 2018, which is also a 267% increase from last year. The number of cross-site scripting (XSS) vulnerabilities continued to grow, and XSS appears to be the second most common vulnerability (14%) among 2018 web application vulnerabilities.

Trending in Vulnerabilities

IoT Vulnerabilities Decreased

IoT (Internet of Things) vulnerabilities appear to have decreased tremendously.

API Vulnerabilities: Growing, but Slowing

API (Application Programming Interface) vulnerabilities are becoming more widespread as time goes by. New API vulnerabilities in 2018 (264) increased by 23% over 2017 (214), and by 56% compared to 2016 (169).
2017 Timeline of major cyber incidents

| Company | No. of Accounts Hacked | When |
|---|---|---|
| Cellebrite | 900 GB of data stolen | January |
| PlayStation | 2.5 million records | February |
| Gmail | 1 million | May |
| Online Spambot | 711 million | March |
| Verizon | 198 million citizens | June |
| Deep Root Analytics | 14 million | July |
| Equifax | 145.5 million | September |
| RNC Contractor | 200 million | August |
| Alteryx | 120 million | December |
| TIO Networks | 1.6 million | October |
| Uber | 57 million | November |
| Nissan Canada | 1.1 million | December |
2018 Timeline of major cyber incidents

| Company | No. of Accounts Hacked | When |
|---|---|---|
| | 90 million + | March, Sept, Dec |
| Quora | 100 million | November |
| Marriott Hotels | 500 million | November |
| TicketFly | 27 million | May |
| Under Armour | 150 million | May |
| Exactis | 340 million | June |
| Cathay Pacific | 4 million | October |
| Panera | 1.1 billion | January |
| MBM Company | 3 million | March |
| Pumpup | 6 million | May |
| Sacramento Bee | 5 million | June |
No. of web application vulnerabilities

In 2018, as in 2017, we continued to see an increasing number of web application vulnerabilities, particularly vulnerabilities related to injection, such as SQL injection, command injection and object injection. The graph below shows the number of vulnerabilities on a monthly basis over the last two years. The overall number of new vulnerabilities in 2018 (17,308) increased by 23% compared to 2017 (14,082).
Conclusion

Until now, attacks were limited to large enterprises, but our security consultants have seen that cyber attacks on the MSME sector are also on the rise. As we have seen, cyber criminals continue to build and weaponize massive IoT botnets of unprecedented size and capability. Volumetric DDoS attacks have scaled back a bit in sheer size, but continue to increase in frequency. The average cost of a data breach in 2020 will exceed $150 million. More than 90% of hackers cover their tracks by using encryption. IoT-driven botnet DDoS attacks have become more common. As sophisticated DDoS & web application attacks continue to evolve, people are switching to cyber security solutions like DDoS mitigation & web application firewalls that identify attack vectors, analyze the digital fingerprint, and gather intelligence to prepare against emerging cyber attacks. In short, 2019 will see more sophisticated threat vectors and more intensified attacks.

50% of companies admitted that their organization could be at risk because their data is not secure.
21% chance of a repeat attack in 24 hours
7 attacks per customer per day
X2: Attacks over 10 Gbps have doubled
About Company

HaltDos is an award-winning and leading appliance-based DDoS mitigation & WAF solution provider. HaltDos offers a unique and tailored-fit security solution that detects, protects, and monitors applications. HaltDos's main mission is to deliver the most innovative, highest-performing network security to secure and simplify your IT security.

More information about HaltDos and its achievements can be found at www.haltdos.com

Headquarters: India | Branch Offices: Singapore, USA