Ransomware, Automation, and IoT Bots, Oh My!
Happy New Year to all our readers! In 2017, we conducted several studies and wrote several reports on the state of cyber security. Let’s take a look at how 2017 shaped up:
How Lucrative is Confidential Data? Prime Bounty for Hackers, Top Concern for Businesses
Radware’s annual Global Application & Network Security Report combines a comprehensive information-security industry survey with our Emergency Response Team’s (ERT) experiences fighting cyber-attacks. In the latest report, we discovered that IT professionals reported securing sensitive data as their #1 challenge, even ahead of avoiding revenue loss. Medical records began trade for a higher value than a credit card on the Darknet, and governments and civil services were targeted for their confidential documents. Throughout the last couple of years, we saw cyber-attacks grow in frequency, complexity, size, and more, making them even more difficult to defend against. Adding to the challenge of protecting data was the advent of IoT botnets. In fact, 55% of security professionals indicated they thought the Internet of Things complicated their detection or mitigation requirements.
How Do You Create a Flight Plan to a Never-Ending Journey?
We then asked 200 global C-suite executives about their flight plan, from their cybersecurity concerns perspective. We found that while the majority of enterprises are being attacked, there was a regional difference in how they were reported – Europeans were more likely to report an attack than their U.S. counterparts. This could be attributed to differences in regulatory requirements and preparedness to fight cyber-security incidents. Another major finding in this report was the role of automation. Four out of five executives had already started implementing more reliance on automated security solutions, and two out of five felt that within a couple years, these automated solutions would be the primary resources maintaining an organization’s security.
As the year progressed, we watched as the Internet of Things became an important part of the new threat landscape. After the Dyn attack by Mirai in late 2016, the nature of the botnets exploiting various devices became the focus of many security researchers. By December 2016 the number of botnets was growing, reaching beyond the hundreds of thousands. Our researchers sat down and created a chatbot that would communicate with other bots, with a goal of triggering them to reveal their malware binary and help us understand how they work.
Web Application Security in a Digitally Connected World
Lastly, Radware, along with Ponemon, investigated the impact of applications on network and application security. We surveyed more than 600 information security professionals across six continents to uncover the challenges that new technologies and application deployments present, ascertain how organizations identified vulnerabilities, and identify how companies combat application layer attacks. The results were alarming, to say the least. 45% of the organizations that you may have given your address, banking details or credit card were hacked. Only 27% of healthcare respondents have confidence they could safeguard patients’ medical records. While using apps may save us time, 25% of mobile applications undergo changes daily, making them difficult to keep secure. Most astounding? Nearly 30% of the total traffic on the internet is essentially bad bots, but one-third of organizations can’t make a distinction between these bad bots and good bots. There is a big gap between human error and the fact that AI is still new and untrustworthy, resulting in a high risk for anyone using apps today.
Conclusion
The cyber-attack landscape is constantly shifting and growing more complex. Our goal is to keep bringing you our research findings each year so you can learn more about these threats and how to keep your organization protected.
