Exposing Cybercrime As A Business Model

Trustwave has released a report which reveals the top cybercrime, data breach and security threat trends from 2015. Experts gathered real-world data from hundreds of breach investigations the company conducted in 2015 across 17 countries.

The Contributing Factors To Compromised Security: 

Weak application security: 97 percent of applications tested by Trustwave in 2015 had at least one vulnerability. 10% of the vulnerabilities discovered were rated as critical or high risk. The median number of vulnerabilities discovered per application by the Trustwave Managed Security Testing service was 14.

Where security incidents occur: 35 percent of data breach investigations conducted by Trustwave occurred in North America, 21 percent were in the Asia-Pacific Region, 12 percent were in Europe, the Middle East and Africa, and 10 percent were in Latin America and the Caribbean.

Who criminals target: Retail was the most compromised industry, making up 23 percent of Trustwave investigations, followed by hospitality at 14 percent and food and beverage at 10 percent.

Shift in compromised environments: Compromises affecting corporate and internal networks increased to 40 percent in 2015, up from 18 percent in 2014. 38 percent of investigations were of e-commerce breaches, compared to 42 percent in 2014. Twenty-two percent were of point-of-sale (POS) breaches. POS compromises decreased eighteen percentage points from 2014 to 2015, making up 40 percent of Trustwave investigations in 2014 and 33 percent in 2013.

Magento is a target: 85% of compromised e-commerce systems used the Magento open source platform. At least five critical Magento vulnerabilities were identified in 2015, and most of the affected systems were not fully updated with security patches.

Data most targeted: In 60% of investigations, attackers were after payment card data, split about evenly between card track (magnetic stripe) data (31 percent of incidents), which came mainly from POS environments, and card-not-present (CNP) data (29 percent), which mostly came from e-commerce transactions.

Self-detection of breaches: The majority of victims, 59 percent, did not detect breaches themselves. The report reveals that self-detection leads to quicker containment of a breach. Self-detection increased from 19% in 2014 to 41% in 2015. In 2015, for self-detected breaches, a median of 15 days elapsed from intrusion to containment. For breaches detected by an external party, a median of 168 days elapsed from intrusion to containment.

Malvertising goes mainstream: The Trustwave analysis of the RIG exploit kit, the most prominent exploit kit of 2014 and the third most prominent in 2015, shows that approximately 90 percent of traffic to the kit originates from malicious advertisements. Even some of the largest ad networks have been misused by attackers to spread malware to unsuspecting users visiting popular websites.

Shifting spam subjects: In 2014, pharmaceutical product spam made up almost three-fourths of the spam messages Trustwave analyzed. In 2015, that portion dropped dramatically, to 39 percent, which was still enough to make it the largest share of any category. Spam related to online dating sites and adult products made a combined five-fold leap from 6% in 2014 to 30% in 2015. Five percent of overall spam included a malicious attachment or link, a 1-point decrease from 2014.

The Year of Angler: Angler, the most prevalent exploit kit of 2015, accounted for 40 percent of exploit kit-related incidents we observed, more than twice as many as the next most prevalent kit, Nuclear. Angler was also the first exploit kit to integrate several newly disclosed exploits, including four zero-day exploits and seven “one-day” exploits, which target vulnerabilities for which patches have been released but have not yet been widely distributed.
 
“Cybercriminals have been congregating and organizing for years, but 2015 showed a marked increase in the behavior we would normally associate with legitimate businesses,” said Trustwave CEO and President Robert J. McCullen. “Based on the study of numerous security incidents, exploit kits and Malvertising campaigns, our 2016 Trustwave Global Security Report shows businesses how and where these sophisticated criminal organizations are most likely to attack, and more importantly, how to defend their assets.”
HelpNetSecurity: http://bit.ly/1VEFbbT

« Spying On You In Britain
Tech Jobs Would Be Great, If It Wasn’t For The Users »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

AWS Marketplace eBook: Optimizing your cloud deployments to accelerate cloud activities, reduce costs, and improve customer experience.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

SS8 Networks

SS8 Networks

SS8 provide an analytics platform for monitoring high speed communication flows to identify 'suspects-of-interest' for law enforcement and intel agencies.

Lexero Law Firm

Lexero Law Firm

Lexero Law Firm provides Internet attorney legal services in the areas of domain names, e-commerce, cyber law, intellectual property, and more.

Mi3 Security

Mi3 Security

Mi3 Security provide solutions to secure the escalating use of mobile apps and BYOD on networks.

Global Learning Systems (GLS)

Global Learning Systems (GLS)

Global Learning Systems provides security awareness and compliance training programs for employees that effectively promote behavior change and protect your organization.

National Information & Communication Security Taskforce (NICST)

National Information & Communication Security Taskforce (NICST)

National Information & Communication Security Taskforce (NICST) is responsible for coordination and policy making of information and communication security in Taiwan.

JM Search

JM Search

JM Search’s Information Technology Executives Practice sources the most sought-after technology roles including CIO, CTO, CISO, CDO and other senior posts.

BicDroid

BicDroid

BicDroid is a world leader in data and cyber security with innovative solutions that protect your data anywhere, anytime, against everything.

MVP Tech

MVP Tech

MVP Tech designs and deploys next generation infrastructures where Security and Technology converge.