Exposing Cybercrime As A Business Model

Trustwave has released a report which reveals the top cybercrime, data breach and security threat trends from 2015. Experts gathered real-world data from hundreds of breach investigations the company conducted in 2015 across 17 countries.

The Contributing Factors To Compromised Security: 

Weak application security: 97 percent of applications tested by Trustwave in 2015 had at least one vulnerability. 10% of the vulnerabilities discovered were rated as critical or high risk. The median number of vulnerabilities discovered per application by the Trustwave Managed Security Testing service was 14.

Where security incidents occur: 35 percent of data breach investigations conducted by Trustwave occurred in North America, 21 percent were in the Asia-Pacific Region, 12 percent were in Europe, the Middle East and Africa, and 10 percent were in Latin America and the Caribbean.

Who criminals target: Retail was the most compromised industry, making up 23 percent of Trustwave investigations, followed by hospitality at 14 percent and food and beverage at 10 percent.

Shift in compromised environments: Compromises affecting corporate and internal networks increased to 40 percent in 2015, up from 18 percent in 2014. 38 percent of investigations were of e-commerce breaches, compared to 42 percent in 2014. Twenty-two percent were of point-of-sale (POS) breaches. POS compromises decreased eighteen percentage points from 2014 to 2015, making up 40 percent of Trustwave investigations in 2014 and 33 percent in 2013.

Magento is a target: 85% of compromised e-commerce systems used the Magento open source platform. At least five critical Magento vulnerabilities were identified in 2015, and most of the affected systems were not fully updated with security patches.

Data most targeted: In 60% of investigations, attackers were after payment card data, split about evenly between card track (magnetic stripe) data (31 percent of incidents), which came mainly from POS environments, and card-not-present (CNP) data (29 percent), which mostly came from e-commerce transactions.

Self-detection of breaches: The majority of victims, 59 percent, did not detect breaches themselves. The report reveals that self-detection leads to quicker containment of a breach. Self-detection increased from 19% in 2014 to 41% in 2015. In 2015, for self-detected breaches, a median of 15 days elapsed from intrusion to containment. For breaches detected by an external party, a median of 168 days elapsed from intrusion to containment.

Malvertising goes mainstream: The Trustwave analysis of the RIG exploit kit, the most prominent exploit kit of 2014 and the third most prominent in 2015, shows that approximately 90 percent of traffic to the kit originates from malicious advertisements. Even some of the largest ad networks have been misused by attackers to spread malware to unsuspecting users visiting popular websites.

Shifting spam subjects: In 2014, pharmaceutical product spam made up almost three-fourths of the spam messages Trustwave analyzed. In 2015, that portion dropped dramatically, to 39 percent, which was still enough to make it the largest share of any category. Spam related to online dating sites and adult products made a combined five-fold leap from 6% in 2014 to 30% in 2015. Five percent of overall spam included a malicious attachment or link, a 1-point decrease from 2014.

The Year of Angler: Angler, the most prevalent exploit kit of 2015, accounted for 40 percent of the exploit kit-related incidents Trustwave observed, more than twice as many as the next most prevalent kit, Nuclear. Angler was also the first exploit kit to integrate several newly disclosed exploits, including four zero-day exploits and seven “one-day” exploits, which target vulnerabilities for which patches have been released but have not yet been widely distributed.
 
“Cybercriminals have been congregating and organizing for years, but 2015 showed a marked increase in the behavior we would normally associate with legitimate businesses,” said Trustwave CEO and President Robert J. McCullen. “Based on the study of numerous security incidents, exploit kits and Malvertising campaigns, our 2016 Trustwave Global Security Report shows businesses how and where these sophisticated criminal organizations are most likely to attack, and more importantly, how to defend their assets.”
HelpNetSecurity: http://bit.ly/1VEFbbT
