IBM’s latest X-Force Threat Intelligence Index report reveals that more than 2.9 billion records were leaked through publicly disclosed incidents in 2017. While that sounds horribly bad, there’s a bright side to this stormy disclosure: the number is 25 percent lower than the amount of records leaked in 2016. Why? Because hackers are shifting over to ransomware. They’re becoming more focused on holding files hostage for money than on unleashing all that data to the dark markets.
According to IBM, this shift to ransomware cost corporations more than $8 billion globally during 2017, a number derived from downtime, ransom payments, and other impacts on day-to-day business. The global logistics and transportation industries alone lost “millions of dollars” in revenue during 2017 due to ransomware attacks.
Ransomware is a type of malware that infiltrates a network and encrypts files on connected PCs. These files become unrecoverable, and require a “key” generated by the hacker to be released from captivity. These keys are provided after a payment using cryptocurrency, adding to the overall cost corporations incur due to downtime. Hiring a third party to recover the files may or may not work, depending on the level of encryption.
“With the potentially irreversible encryption lock of crypto-ransomware, victims without up-to-date backups often choose to pay the ransom their attackers demand,” the report states. “Losing one’s files on personal devices may cost a few hundred dollars, but that effect extends much further for organizations where infected users could cause the company to lose massive amounts of data, and possibly to have to pay the criminals considerable sums of money to get it back.”
The report reveals that many organizations keep cryptocurrency on hand so they can resolve the problem quickly and reduce costly downtime. Law enforcement agencies discourage payments to hackers, but the rising ransomware “epidemic” is getting to the point where it may potentially cost corporations across the globe more than $11.5 billion annually by 2019, according to research by Cybersecurity Ventures. Malware, by contrast, values leaked personal data over the potential financial gain of locking sensitive data on corporate networks.
In addition to ransomware, the report covers network attack trends, inadvertent insider incidents, insider-inflicted breaches, cybercrime, and cryptocurrency. One of the more alarming entries is the section about misconfigured cloud servers, which resulted in the exposure of more than two billion records in 2017, a whopping 424-percent increase over 2016. The problem actually dates back to 2015, as researchers found they could access the data on these cloud servers without the need for a username or password.
In 2017 alone, 19 incidents regarding misconfigured cloud storage breached 345,850,453 records, equaling 2.2TB worth of data. Meanwhile, misconfigured cloud databases enabled 11 incidents exposing 566,402,270 records equaling 1.2TB worth of data. Misconfigured rsync, NAS, and backup solutions caused five incidents exposing 393,434,309 records equaling to 1TB of data.
Financial services saw the largest issues in 2017 for the second year in a row. They experienced the highest volume of security incidents while falling in third place regarding actual cyberattacks. Information and communications technology industries experienced the highest number of attacks and the second-largest in security incidents. Manufacturing fell to third place in both attacks and incidents, followed by professional services.
