Our digital world continues to expand, uniting information and operational technology, industrial controls and the Internet of Things into an ever-evolving environment across on-premise, cloud and mobile devices. So what threats have we seen threatening our digital agenda?
Our 2018 Global Threat Intelligence Report, which can now be downloaded here, highlights the most notable threats, incidents and trends observed in the previous year. Security is everyone's responsibility, so we avoided using highly technical language.
Our analysis of global monitoring, vulnerability, and incident response data reveals a variety of findings about attacks and organisational experiences. But one theme is apparent – the global cybersecurity landscape is dominated by change. This includes changes in the types of attacks executed and changes in the targets of those attacks.
The number of attacks on the finance sector has increased over the previous year, rising to 26% from 14%. The report also shows attack volume targeting the technology sector increased by 25%, driving the sector up sharply, making it the only sector to appear in the top five most attacked sectors across the globe. Conversely, government targets became far less of a priority and dropped to just 5%.
Another highlight is that ransomware detection increased by a staggering 350%, accounting for 7% of global malware in 2017. The rise in ransomware detection illustrates the ever more reliable exploits developed by attackers for high profile vulnerabilities. WannaCry set a new standard for the speed in which it spread, affecting 400,000 machines and 150 countries in the space of a day. As our digital agenda accelerates the surface for attacks continued to expand rapidly, fueled by the cloud and mobility. To combat this, as an industry we have invested heavily in R&D, advanced analytics and machine learning to put threats in context. We are also seeing greater collaboration with intelligence sharing allowing skilled analysts to focus on the real threats. A resilient cybersecurity architecture also has to include not only technology but the experts to respond to and contain incidents.
Here’s a summary of our other key global findings:
- Ransomware increased from being 1% of global malware in the 2017 GTIR to nearly 7%
- Business and professional services joined the list of the top five globally attacked industry sectors in third position at 10%
- The gaming sector was the most targeted by ransomware in 2017 at 20%, followed by business and professional services at 17%, health care and manufacturing both at 12% and technology at 11%
- Financial services (18%) and health care (15%) were the two most common sectors to seek incident response services
The GTIR clearly demonstrates the uphill battle organizations face in achieving an optimal balance between operational security and compliance initiatives. In order to be successful they cannot afford to be complacent and must recognize that having a firm grasp on what it takes to remain secure is a fundamental part of everyday business operations.
In an ever-evolving threat landscape, defending your organization is no small task, but focusing on key areas outlined in our report, such as incident response plans, multi-factor and strong authentication, comprehensive and reliable patching and usable but effective security measures, can help to build the security posture of an organization.
To learn more about the most important global threats and the actions businesses can take to improve their security posture, follow the link to download the NTT Security 2018 GTIR: https://www.nttsecurity.com/gtir.