Published on April 26, 2019
1. CYBER THREAT INSIGHTS REPORT HaltDos 2019 www.haltdos.com
2. Executive Summary: This report gives an overview of insights into cyber attacks and data breaches. It also highlights the motives behind today's emerging cyber-attacks. The cyber threat insights report combines statistical research and frontline experience to identify cybersecurity trends that are crucial to enterprises as they determine long-term growth strategies. Contents: General Trends; DDoS Trends; Application Attack Trends
3. General Trends. Motivations behind cyber-attacks: of companies attacked just once reported a form of theft. 92% of organizations reported multiple assaults, while those attacked once rose to 92%. 76% The motivation for attacks remained almost consistent over a year, but the responses for “motive unknown” almost tripled in 2018.
4. Cyber Threats (2018-2019) Below is an overview and comparison of the threat landscape of 2018 with that of 2017. Columns: Top Threats 2017, Assessed Trends 2017, Top Threats 2018, Assessed Trends 2018, Change in Ranking. Top Threats 2017: Malware; Web Based Attacks; Web Application Attacks; Phishing; Spam; DDoS; Ransomware; Botnets; Insider threat; Physical manipulation/damage/theft/loss; Data Breaches; Identity Theft; Information Leakage; Exploit Kits; Cyber Espionage. Top Threats 2018: Malware; Web Based Attacks; Web Application Attacks; Phishing; DDoS; Spam; Botnets; Data Breaches; Insider threat; Physical manipulation/damage/theft/loss; Information Leakage; Identity Theft; Cryptojacking; Ransomware; Cyber Espionage. Trends legend: Declining, Stable, Increasing. Ranking legend: Going up, Same, Going down, NEW.
5. Monthly Attacks (2018 - 2019) The chart below compares the total events of 2017 and 2018 on a monthly basis. Clearly, with the sole exception of August, the level of activity has been consistently higher in 2018.
6. Most Common Types of Cyber Attacks: Malware/bot attacks, phishing and DDoS attacks have increased over the year. 64% of organizations have experienced a phishing attack in the past year. 24% of organizations have experienced a DDoS attack in the past year.
7. Fileless Attacks are evolving: Attackers are moving away from using malicious .exe files to package and deploy malware, which represents a major change in the way attacks are carried out. The graphs below show that the adoption of fileless attack techniques has been increasing over the years, while file-based attacks have decreased since 2018. 77% of attacks that successfully compromised organizations used fileless techniques. [Graph series: File Based Attacks, File Less Attacks]
8. Industries Most Vulnerable to Cyber-Attacks: Some industries are extremely vulnerable to cyberattacks because of the data servers and networks that they rely on. With the growing dependency on technology, no industry or organization is safe from cyber attack; the higher the dependency on online technology, the higher the scope of vulnerability. According to research, the finance and healthcare sectors are the most vulnerable to cyber attacks. SMEs and government agencies are very vulnerable. The media, manufacturing and energy sectors are the least vulnerable to cyber attacks. Most vulnerable to least vulnerable industries: Small and Medium-Sized Businesses; Healthcare; Financial Institutions & Banks; Government; Energy Industry; Manufacturing
9. Cyber Attacks by Region in 2018 [Charts: Global, Americas, EMEA, APAC; percentage share of Cryptominers, Mobile, Botnet, Banking and Ransomware] It is observed that ransomware is no longer at the top of the malware list. Ransomware dropped from 30% at its peak in 2017 to less than 4% in 2018.
10. Cyber Security Statistics: Antivirus solutions have been replaced by next-generation endpoint cyber security solutions. Major cyber attacks are projected to utilize fileless techniques in 2018. Ransomware is down, cryptomining is up. The total cost of a successful cyber attack is over $5 million. It takes organizations an average of 191 days to identify data breaches. 56% of IT decision makers agree that phishing attacks are one of the top security threats for them. The Equifax data breach of 2017 impacted 143 million U.S. citizens. Only 38% of global organizations claim they are prepared to handle a sophisticated cyber attack. 69% of organizations believe their antivirus can't stop the threats they're seeing. 61% of organizations have experienced an IoT security incident.
11. DDoS Trends. DDoS Attacks: In addition to the WannaCry ransomware attack, Distributed Denial of Service (DDoS) attacks have increased since mid-2017. In 2017, attackers continued to use reflection/amplification techniques to exploit vulnerabilities in DNS, NTP, SSDP, CLDAP, Chargen and other protocols to maximize the scale of their attacks. The largest attack reported in 2017 was 600 Gbps. On Wednesday, February 28, 2018, GitHub was hit by a DDoS attack of 1.35 terabits per second (Tbps), the largest distributed denial-of-service (DDoS) attack on record. “Burst attacks” increasing in complexity, frequency, and duration: One of the most significant DDoS attack trends observed is that “burst attacks” are increasing, with gaming websites and service providers at high risk. 42% of organizations hit with DDoS ‘Burst Attacks’. 85% of attackers have found a number of ways to employ DDoS attacks.
12. DDoS Attack Statistics by Quarter: In 2018, there was 13% less DDoS activity than in the previous year. The graph below shows the quarterly comparison of the number of DDoS attacks in 2017–2018 (100% = number of attacks in 2017).
13. Most Common Type of DDoS Attack in 2018: The graph below shows the percentage share of the most common types of DDoS attack in 2018.
14. Quarterly DDoS Attacks Geography: The top targeted country is still China, with its share practically changed (50.43% in Q4, against 77.67% in Q3). China was one of the most targeted countries in every quarter of 2018. It was observed that Hong Kong was the second most targeted country in Q2 2018.
15. DDoS Attack Statistics: The frequency of DDoS attacks has increased more than 2.5 times over the last 3 years. The average size of DDoS attacks is increasing and approaching more than 1 Gbps. IoT botnet attacks have increased over the years. A new DDoS attack vector has emerged: the Memcached/memcrashed DDoS attack. DDoS attacks were 37% larger on average in the first six months of 2018 compared to the first six months of 2017. Large-scale DDoS attacks increased in size by 500%. Organizations faced 8 attacks per day in Q2 2018, an increase of 40% over Q2 2017. 40%: increase in DDoS attacks from mid-2017 to mid-2018. 174%: global increase in the maximum size of a DDoS attack. 90% of remote code execution attacks are associated with cryptomining.
16. Application Attack Trends. Most Common Web app vulnerabilities: The dominant category this year was by far injections, with 19% (3,294) of the total vulnerabilities of 2018, which is also a 267% increase from last year. The number of Cross-site scripting (XSS) vulnerabilities continued to grow, and XSS appears to be the second most common vulnerability (14%) among 2018 web application vulnerabilities.
17. Trending in Vulnerabilities. IoT Vulnerabilities - decreased: IoT (Internet of Things) vulnerabilities appear to have decreased tremendously. API Vulnerabilities - Growing, but slowing: API (Application Programming Interface) vulnerabilities are becoming more widespread as time goes by. New API vulnerabilities in 2018 (264) increased by 23% over 2017 (214), and by 56% compared to 2016 (169).
18. 2017 Timeline of major cyber incidents (columns: No. of Accounts hacked, When, Company) Cellebrite TIO Networks October Uber November December Nissan Canada 1.6 million 57 million January Deep Root Analytics 900 GB of Data stolen August June July September 200 million PlayStation February Gmail May Online Spambot March RNC Contractor Alteryx December Verizon Equifax 2.5 Million Records 1 million 711 million 120 million 198 million citizens 14 million 145.5 million 1.1 million
19. 2018 Timeline of major cyber incidents (columns: No. of Accounts hacked, When, Company) Facebook March, Sept, Dec Quora November Marriott Hotels November Cathay Pacific October Panera January TicketFly May Under Armour May Exactis 90 Million + 100 million 500 million 4 million 1.1 billion 27 million 150 million 340 million June MBM Company March Pumpup May 3 million 6 million June Sacramento Bee 5 million
20. No. of web application vulnerabilities: In 2018, as in 2017, we continued to see a trend of an increasing number of web application vulnerabilities, particularly vulnerabilities related to injection such as SQL injection, command injection, object injection, etc. The graph below shows the number of vulnerabilities on a monthly basis over the last two years. We can see that the overall number of new vulnerabilities in 2018 (17,308) increased by 23% compared to 2017 (14,082).
21. Conclusion: Until now, attacks were limited to large enterprises, but our security consultants have seen that cyber attacks on the MSME sector are also on the rise. As we have seen, cyber criminals continue to build and weaponize massive IoT botnets of unprecedented size and capability. It is concluded that volumetric DDoS attacks have scaled back a bit in sheer size, but continue to increase in frequency. 50% of companies admitted that their organization could be at risk because their data is not secure. 21%: chance of repeat attack in 24 hours. 7: attacks per customer per day. X2: attacks over 10Gbps have doubled. As sophisticated DDoS & web application attacks continue to evolve, people are switching to cyber security solutions like DDoS mitigation & web application firewall that identifies attack vectors, analyzes the digital fingerprint, and gathers intelligence to prepare against emerging cyber attacks. In short, 2019 will see more sophisticated threat vectors and more intensified attacks. The average cost of a data breach in 2020 will exceed $150 million. More than 90% of hackers cover their tracks by using encryption. IoT driven Botnet DDoS attacks have become more common.
22. About Company: HaltDos is an award winning and leading appliance based DDoS mitigation & WAF solution provider company. HaltDos offers a unique and tailored-fit security solution that detects, protects, and monitors applications. HaltDos's main mission is to deliver the most innovative, highest-performing network security to secure and simplify your IT security. More information about HaltDos and its achievements can be found at www.haltdos.com. Headquarter - India. Branch Office - Singapore | USA. Follow us on social media: @halt_dos, @haltdos