The Most Severe Global Attacks Of 2017

Uploaded on 2018-03-08 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Cyber security breaches were twice as severe in the past year, with total financial losses reaching $500,000 (£356,00) per business, according to an extensive survey of CISOs across the globe.

Some 32 per cent of breaches affected more than half of an organisation's systems in 2017, up from 15 per cent the previous year, according to 3,600 security bods surveyed in Cisco’s annual cyber security report.

Financial damage included lost revenue, customers, opportunities, and out-of-pocket costs, said Switchzilla. Mark Weir, director of cybersecurity at Cisco UK & Ireland told The Register the figure of $500,000 “could even be slightly conservative”.

The survey found one-fifth of UK respondents identified between 250,000 and 500,000 security alerts a day in 2017.

Increased threats could also be expensive for businesses in other ways. Last month the UK government warned that critical infrastructure firms could face fines of up to £17m if they do not have adequate cybersecurity measures in place.

Weir said the increase in severity of attacks is a "worrying trend” but added some of the measures that are being put in place could take a while to have an effect.

One such tactic is the use of multiple security products to try to tackle the threat. Some 25 per cent of security professionals said they used products from 11 to 20 vendors, compared with 18 per cent in the previous year.

Weir noted malware and ransomware attacks have become more significant over the last 12 to 18 months, with denial-of-service attacks also becoming increasingly sophisticated, and impacting the bottom line.

He said email encryption is also on the rise - which creates more challenges and confusion when trying to identify and monitor potential threats.

Cisco threat researchers observed a more than threefold increase in encrypted network communication used by inspected malware samples over a 12-month period. "Our analysis of more than 400,000 malicious binaries found that about 70 percent had used at least some encryption as of October 2017,” the report stated.

Another major challenge spotted was patching systems, as seen during the outbreak of the WannaCry ransomware crypto worm last year. Weir said that is particularly difficult when organisations have complex estates with multiple legacy systems that can no longer be patched.

He said application level security was a key area. "I still think is a real weakness across our entire industry. Some companies do it well, but not anywhere enough in the numbers needed to protect against attack.”

As such companies could see an increase in their financial and reputational loss next year.

“We talk about the threats of ransomware, malware, application level security and IoT threat… but the reality is these people will attack wherever they see weakness. So organisations must have defences across the piece.

"I think the severity of some of those attacks will increase. Security strategy has to start with protecting data... the preservation and security of that data is critical."

"Not surprisingly the people that propagate these attacks are very well funded, and well resourced. They work collaboratively, and I think as an industry we need to [do the same]," he added.

The Register:

You Might Also Read: 

Cisco & INTERPOL: Working Against Cybercrime:

Cybercrime: £130bn Stolen From Consumers In 2017:

 

« Preventing The Next Active Shooter Attack
Cyberbullying Attacks the Young »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

TrustedSec

TrustedSec

TrustedSec is an information security consulting services, providing tailored solutions and services for small, mid, and large businesses.

Galaxkey

Galaxkey

Galaxkey is a data protection product that protects email, documents and any data using access control and an encryption platform.

Happiest Minds Technologies

Happiest Minds Technologies

Happiest Minds offers domain centric solutions in IT Services, Product Engineering, Infrastructure Management and Security.

SafenSoft (SnS)

SafenSoft (SnS)

SafenSoft delivers high-efficiency, low-impact proactive protection against malware, insider threats, and confidential data leakage.

Air Informatics

Air Informatics

Air Informatics LLC provides security, information management, analytics and informatics for IT and wirelessly enabled airplanes and operations.

Devel Group

Devel Group

Devel are a LATAM cybersecurity company specialized in providing services in the financial and enterprise sector.

Cyber Threat Defense (CT Defense)

Cyber Threat Defense (CT Defense)

CT Defense specialize in penetration testing and security assessments.

BrandShelter

BrandShelter

BrandShelter specializes in providing online brand protection for companies and trademark owners.

Kintent

Kintent

With Kintent, compliance becomes a habit, is simple to understand and achieve, and is continuously testable so that your customers can see that you are adhering to all your trust obligations.

CyberNews

CyberNews

Cybernews.com is a research-based online publication that helps people navigate a safe path through their increasingly complex digital lives.

Cyber Resilience Centre for Wales (WCRC)

Cyber Resilience Centre for Wales (WCRC)

The Cyber Resilience Centre for Wales (WCRC) is part of the national roll out of Cyber Resilience Centres in the UK which began in 2019.

Quantum eMotion (QeM)

Quantum eMotion (QeM)

Quantum eMotion is a Montreal-based advanced developer leading the way towards a new generation of quantum-safe encryption for the quantum computing age.

AnzenSage

AnzenSage

AnzenSage is a cybersecurity advisory consultancy specializing in security risk resilience for the food sector: agriculture, food manufacturing, food supply chain, vineyards, and wineries.

Keyrus

Keyrus

Keyrus is a global consultancy that develops data and digital solutions for performance management.

Insane Cyber

Insane Cyber

Insane Cyber make cybersecurity easier to manage through automated, easy-to-use software and expert support and partnership.

Seiber

Seiber

Seiber are a UK based Cyber Security company who provide consultancy and training services. Our objective is to stop bad things happening to good people.