While the Top 'Avenues of Approach' Differ By Industry, Most Organizations Lack the Necessary Situational Awareness to Effectively Prevent Cyber Attacks
August 17, 2015 – Sterling, VA - While some cybercriminals' capabilities are increasingly sophisticated, most still rely on tried and true, user-targeted techniques to gain unlawful access and steal sensitive information according to a new, mid-year report released today by cyber risk intelligence solution provider, SurfWatch Labs. The report found that the most common enabler for cyber crime methods was user interaction points with websites, applications, accounts and endpoints - accounting for 77% of all evaluated cyber intelligence collected and analyzed by SurfWatch Labs.
The SurfWatch Labs 2015 Mid-Year Report is organized by industry and examines the top Avenues of Approach used by cybercriminals to gain unauthorized access to systems and sensitive data. The goal of the Report is to identify the most effective actions organizations can take to reduce their cyber risk.
"Our data clearly shows most attackers go after soft targets – exploiting end-users and their numerous decision-points they face while interacting with technology," said Adam Meyer, Chief Security Strategist, SurfWatch Labs. "The problem is traditional cybersecurity approaches focus on detection rather than prevention. If you want to ensure your house doesn't burn down, would you buy more smoke detectors or would you try to identify the risk factors for a fire starting? Organizations need to start putting more emphasis on gaining situational awareness of their cyber risks - so they can take more preventative actions."
The Report analyzes all of the CyberFacts, which are evaluated cyber intelligence, collected by SurfWatch Labs, from January 1 – June 30, 2015. A CyberFact consists of an Actor - who conducted the attack, Target - what information/systems were targeted, Effect - what was the impact of the attack and Practice - what method was used, along with other key metadata and information such as the target industry sector.
Key findings of the report highlight the top avenues of approach by industry:
- Industrials (including energy and utility sectors) - Cyber criminals most targeted organizations' web browsers and mobile sites by sending spear phishing emails to their business support providers and convincing their users to open malicious Adobe PDF files, eventually allowing them to steal customer data.
- Financial Services (including banks and insurers)- Banks and payment card processors were top targets with spear phishing emails that led to the exploitation of Internet Explorer vulnerabilities. Ultimately, this led to stolen customer data.
- Consumer Goods (including retail and hospitality) - Malvertising campaigns exploiting Internet Explorer or Adobe Flash vulnerabilities rank as the highest cybercrime delivery method for consumer goods and those attacks also incite user interaction. A common practice was for cyber criminals to send legitimate ads to ad merchants representing news sites and once approved, the criminal then re-sends a malware-laden advertisement labeled 'minor modification' in the hopes of passing through the merchant.
- Healthcare – The only industry where compromised web browsers did not represent the bad guys' lead target. Unauthorized access from both negligent and malicious insiders was the leading avenue of approach so far this year, which led to stolen personally identifiable information (PII).
"Focus on what the data is telling you from a cyber risk perspective," Meyer said. "Treat cybersecurity the same as how other functional areas of successful businesses are run, like finance and sales. By understanding the more typical avenues of approach that cybercriminals use in your industry, you can shift from blindly focusing all of your cybersecurity resources on detection-based efforts, to putting more preventative measures in place – ultimately improving your long-term cyber resiliency."
The free report may be downloaded at: http://info.surfwatchlabs.com/2015-mid-year-cyber-risk-report
About SurfWatch Labs
SurfWatch Labs was formed in 2013 by former US Government intelligence analysts to help organizations understand their unique cyber risks from a higher level, business intelligence perspective. SurfWatch cyber risk intelligence solutions provide relevant, timely and tailored information that allows you to:
- Easily visualize and comprehend how cybercrime affects all aspects of the business
- Continuously monitor cyber risk key performance indicators (KPI's)
- Ensure that the most effective risk management strategies are implemented
Instead of providing overwhelming amounts of low-level threat intelligence that can bury an information security team in data, SurfWatch delivers cyber risk insights in a complete business context – so you immediately know your greatest exposures, the impact on your business and how to quickly mitigate the risk.
SurfWatch Labs: Cyber In Sight. For more information, visit www.surfwatchlabs.com.