One of the best ways for organizations to shore up their data security efforts and work toward more proactive protection is by examining trends within the threat environment.
Taking a look at the strategies for attack, infiltration and infection currently being utilized by hackers can point toward the types of security issues that will continue in the future and enable enterprises to be more prepared with the right data and asset safeguarding measures.
Each year brings both continuing and emerging threats which can complicate security efforts. Awareness of the most impactful threats – including those that might have been popular in the past, as well as the new approaches spreading among cybercriminals – is crucial in the data security landscape.
Recently, Trend Micro researchers examined the data protection and cyberthreat issues prevalent during the first half of 2018 and included these findings in the 2018 Midyear Security Roundup: Unseen Threats, Imminent Losses report.
Let’s take a closer look at this research, as well as top identified threats that impacted businesses during the first six months of this year.
Widespread vulnerabilities and software patching
Back in 2014, the world was introduced to Heartbleed. At the time, it was one of the largest and most extensive software vulnerabilities, impacting platforms and websites leveraging the popular OpenSSL cryptographic software library. The bug made global news because of the vast number of websites it affected, as well as the fact that it enabled malicious actors to access, read and potentially leak data stored in systems’ memory.
Since then, a few additional vulnerabilities have been identified, including two at the beginning of 2018. Design flaws within microprocessing systems – since dubbed Meltdown and Spectre – were identified by researchers. Unfortunately, though, these weren’t the only high-profile vulnerabilities to make headlines this year.
As Trend Micro reported in May, eight other vulnerabilities that also impacted Intel processors were uncovered following Meltdown and Spectre, including four that were considered “high” severity threats. Because these processors are used by a considerable number of devices within businesses and consumer environments across the globe, the emerging vulnerabilities were significantly worrisome for security admins and individual users alike.
Vulnerabilities that affect such large numbers of devices and users can be a significant challenge for enterprise security postures. Heartbleed is a case in point: the Register reported that although a patch had been released several years earlier, an estimated 200,000 systems were still vulnerable to the bug in early 2017.
Installing software updates in a timely manner is a top facet of patching best practices.
Spectre, Meltdown and the series of other identified vulnerabilities showcase the key importance of proper patching. Even Intel worked to drive this point home in a released statement encouraging users to maintain a beneficial patching strategy.
“We believe strongly in the value of coordinated disclosure and will share additional details on any potential issues as we finalize mitigations,” Intel noted, according to TechSpot. “As a best practice, we continue to encourage everyone to keep their systems up-to-date.”
The mere presence of an identified vulnerability can create security weaknesses, but an unpatched system can boost the chances of an attack or breach incident even further. It’s imperative that, in light of these widespread vulnerabilities, enterprises ensure their patching processes are comprehensive and proactive.
Cryptocurrency mining steals valuable resources
Researchers also noted that cryptocurrency mining activity, which became more prevalent in 2017, continued that trend into the first half of 2018. Cryptocurrency mining programs can be more of an issue than many users might realize: they rob enterprise infrastructures of key computing resources required to maintain top performance of their critical systems and applications, and they can result in increased utility costs.
During the first six months of 2018, researchers recorded a more than 140 percent increase in cryptocurrency mining activity through Trend Micro’s Smart Protection Network Infrastructure. What’s more, 47 new miner malware families were identified during Q1 and Q2, demonstrating that cryptocurrency mining will continue to be a top initiative for hackers.
“Unwanted cryptocurrency miners on a network can slow down performance, gradually wear down hardware, and consume power – problems that are amplified in enterprise environments,” Trend Micro researchers stated in the Unseen Threats, Imminent Losses report. “IT admins have to keep an eye out for unusual network activity considering the stealthy but significant impact cryptocurrency mining can have on a system.”
Ransomware: No end in sight
For years, ransomware infections have been a formidable threat to organizations within every industry, and the first half of 2018 saw no change in this trend. Researchers again identified an increase in ransomware infection activity – 3 percent. While this may seem small, the current rate at which ransomware attacks take place makes this rise significant.
At the same time, Trend Micro discovered a 26 percent decrease in new ransomware families. This means that while hackers are continuing to leverage this attack style to extort money from victims, they are utilizing existing, standby ransomware samples, creating fewer opportunities for zero-day ransomware threats.
Data breaches remain a constant issue for businesses of all shapes and sizes.
Mega breaches: An increasingly frequent issue
As the sophistication and potential severity of hacker activity continue to rise, so too do the consequences of successful attacks.
According to data from the Privacy Rights Clearinghouse, there was a 16 percent increase in data breaches reported in the U.S. during the first half of 2018, including 259 incidents overall. Fifteen of these events were considered “mega breaches,” or those that exposed 1 million records or more over the course of the breach and subsequent fallout.
Such incidents surpass traditional breaches in widespread effects on the victim company, its users and customers and the industry sector at large. Most of these mega breaches (71 percent) took place within the healthcare industry, and when one considers the significant amount of sensitive data healthcare institutions deal with, such threat environment conditions aren’t that surprising.
It’s also important to consider not only the traditional impact of regular and mega breaches – including losses related to company reputation and image, revenue, customer acquisition and retention and more – but the compliance costs that can emerge as well. This is an especially imperative consideration in the age of the EU’s General Data Protection Regulation, which became enforceable in May.
“This regulation … sets a high bar for data security and privacy protection,” Trend Micro’s report stated. “It imposes considerable fines for noncompliant organizations … Moreover, it has quite a long reach since any organization holding EU citizens’ data is affected.”
Check out Trend Micro’s GDPR Resource Center to learn more about maintaining compliance with this standard.
Read Trend Micro’s Unseen Threats, Imminent Losses report for more information about the top threats identified during the first half of this year.