Wednesday, April 27, 2016

We make it easy for cybercriminals according to Verizon

Weak passwords and victims still falling in "phishing" traps are the most usual things a cybercriminal will found on his work. This are the conclusions of the last annual study of the company Verizon "Data Breach Investigation Report", based on an analysis made over 100.000 security incidents and more than 3.000 confirmed data robberies in the last year, known by Verizon or other 50 collaborating organizations. 

We provide facilities to cybercriminals, and sometimes they don't have to investigate new tactics because the old ones are still working in present days. Practically two thirds of the present data robberies happened because stolen or weak passwords. People are not sitting in front of consoles, looking for SQL Injections before running a manual, they are stealing credentials, planting malware, pivoting and exfiltrating data." ensured Dave Ostertag, from Verizon on the study presentation.

Phishing is also an old technique which is still working; a big problem according to Ostertag and an usual factor in the majority of robberies. According to Verizon's study, a third part of the phishing messages are opened and more than one of ten receptors open the files attached, despite of all the warning campaigns against phishing messages.

Regarding to users and companies defense, the study ensures they act poorly and this isn't because they haven't got knowledge or skills, but all factors lead to game over before start. This includes the US Secret Service, the European Cyber Crime Center or the UK and Ireland CERT teams.

The "bad guys" are also increasingly faster: the 99% of the compromised systems are made in days and, even more, 4 of each 5 attacks are made in minutes. Also, two thirds of the data breach are made in days, a fifth part in minutes. Regarding to the detection of these attacks, less than a fourth part of this breaches were detected in the same period time, which means the attackers had enough time to take what they wanted. To make matters worse, the most of the times the victim didn't realize of the attack but it was notified by a third party, like a security researcher or the law enforcement forces.

The attackers are mostly organized crime, but one in ten times they are actors paid by governments. China was considered responsible of more than the half cyberspy attacks made by governments the last year. Talking about the most attacked organization, the public sector takes the worst part, followed by the manufacture sector and professional services firms. The attackers use phishing and stolen passwords to open backdoors in the professional networks, and they use them to install malware on these networks. The corporate networks are generally more difficult to attack, although with access to credentials, because many times the corporations are using double factor authentication.

Finally, the study remembers us the cybercriminals keep using social networks to compile information about their victims and what kind of content would seduce them to send them phishing traps. The most desired victims are those who make financial transfers.


Post a Comment