Cyberthreats Increasing but Shifting, with Ransomware Attacks Down 17%
Announcement posted by Established Media 06 Jun 2018
Ransomware attacks are significantly declining, and active defenses strategies are highly effective but underutilised, according to ISACA State of Cybersecurity report.
Sydney, Australia (6 June 2018) — 2017 was widely billed as the year of ransomware, but cyberthreats have moved in a new direction this year, according to ISACA’s State of Cybersecurity 2018 research.
Results show that 50 per cent of the 2,366 security leaders surveyed have seen an increase in cyberattack volumes relative to last year. In addition, 80 per cent of respondents said they are likely or very likely to be attacked this year—a statistic that remains unchanged from last year’s study.
But despite an increase in cyberattacks generally, ransomware attacks are significantly declining. Last year, 62 per cent of respondents experienced a ransomware attack, compared to 45 per cent this year—a 17-point drop. This is likely because organisations are significantly better prepared after last year’s WannaCry and NotPetya attacks. Eighty-two per cent of respondents said that their enterprises now have ransomware strategies in place and 78 per cent said they have a formal process—up 25-points from last year.
While these findings are positive, the data show that ransomware attacks may have been displaced by cryptocurrency mining, which is becoming more frequent. Cryptocurrency mining malware can operate without direct access to the file system, making them harder to detect—and as the prices of cryptocurrencies increase, the economics of cryptocurrency mining malware becomes better for the attacker.
Additionally, the three most common attack vectors remain unchanged from last year: phishing, malware and social engineering.
Active Defense Strategies Are Highly Effective, But Underutilised
ISACA’s research also found that nearly 4 out of 10 respondents (39 per cent) are not at all familiar or only slightly familiar with active defense strategies (e.g., honeypots and sinkholes). Of those who are familiar with active defense strategies, just over half are actually using them.
“This is a missed opportunity for security leaders and their organisations,” said Frank Downs, director of cybersecurity at ISACA. “ISACA’s research indicates that active defense strategies are one of the most effective countermeasures to cyberattacks. A full 87 per cent of those who use them indicate that they were successful.”
Recommendations
The ISACA report suggests enterprises must be better prepared with focused attention on several areas, including:
Parts 1 and 2 of ISACA’s State of Cybersecurity Study can be downloaded free of charge at www.cybersecurity.isaca.org/state-of-cybersecurity.
About the State of Cybersecurity Study
More than 2,300 cybersecurity professionals who hold ISACA’s Certified Information Security Manager (CISM) and/or Cybersecurity Nexus Practitioner™ (CSXP) designations and positions in information in security participated in the online survey. Part 1, which examines workforce data, and Part 2, which looks at the evolving threat landscape, are available as complimentary downloads at www.cybersecurity.isaca.org/state-of-cybersecurity. The study is the latest research from ISACA’s Cybersecurity Nexus.
###
About ISACA
Nearing its 50th year, ISACA® (isaca.org) is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organisations. ISACA leverages the expertise of its 450,000 engaged professionals in information and cybersecurity, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute, to help advance innovation through technology. ISACA has a presence in more than 188 countries, including 217 chapters worldwide and offices in both the United States and China.
Twitter: www.twitter.com/ISACANews
LinkedIn: www.linkedin.com/company/isaca
Facebook: www.facebook.com/ISACAHQ
Instagram: www.instagram.com/isacanews/
Contact:
Julie Fenwick, jfenwick@daylightagency.com.au, 0468 901 655
Harriet Hall, hhall@daylightagency.com.au, 0401 068 041
Results show that 50 per cent of the 2,366 security leaders surveyed have seen an increase in cyberattack volumes relative to last year. In addition, 80 per cent of respondents said they are likely or very likely to be attacked this year—a statistic that remains unchanged from last year’s study.
But despite an increase in cyberattacks generally, ransomware attacks are significantly declining. Last year, 62 per cent of respondents experienced a ransomware attack, compared to 45 per cent this year—a 17-point drop. This is likely because organisations are significantly better prepared after last year’s WannaCry and NotPetya attacks. Eighty-two per cent of respondents said that their enterprises now have ransomware strategies in place and 78 per cent said they have a formal process—up 25-points from last year.
While these findings are positive, the data show that ransomware attacks may have been displaced by cryptocurrency mining, which is becoming more frequent. Cryptocurrency mining malware can operate without direct access to the file system, making them harder to detect—and as the prices of cryptocurrencies increase, the economics of cryptocurrency mining malware becomes better for the attacker.
Additionally, the three most common attack vectors remain unchanged from last year: phishing, malware and social engineering.
Active Defense Strategies Are Highly Effective, But Underutilised
ISACA’s research also found that nearly 4 out of 10 respondents (39 per cent) are not at all familiar or only slightly familiar with active defense strategies (e.g., honeypots and sinkholes). Of those who are familiar with active defense strategies, just over half are actually using them.
“This is a missed opportunity for security leaders and their organisations,” said Frank Downs, director of cybersecurity at ISACA. “ISACA’s research indicates that active defense strategies are one of the most effective countermeasures to cyberattacks. A full 87 per cent of those who use them indicate that they were successful.”
Recommendations
The ISACA report suggests enterprises must be better prepared with focused attention on several areas, including:
- Investing in talent—With attacks still on the rise, enterprises must continue to invest in finding, retaining and training skilled cyber security professionals.
- Exploring further automation benefits—Enterprises should consider automation-driven strategies and tools for detection and to support recovery and response efforts.
- Ensuring appropriate investment in security controls—With attack vectors (phishing, malware and social engineering) minimally changing, existing control types are still valid and useful. Enterprise investment and attention to security controls should increase in line with the frequency of these attack vectors.
Parts 1 and 2 of ISACA’s State of Cybersecurity Study can be downloaded free of charge at www.cybersecurity.isaca.org/state-of-cybersecurity.
About the State of Cybersecurity Study
More than 2,300 cybersecurity professionals who hold ISACA’s Certified Information Security Manager (CISM) and/or Cybersecurity Nexus Practitioner™ (CSXP) designations and positions in information in security participated in the online survey. Part 1, which examines workforce data, and Part 2, which looks at the evolving threat landscape, are available as complimentary downloads at www.cybersecurity.isaca.org/state-of-cybersecurity. The study is the latest research from ISACA’s Cybersecurity Nexus.
###
About ISACA
Nearing its 50th year, ISACA® (isaca.org) is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organisations. ISACA leverages the expertise of its 450,000 engaged professionals in information and cybersecurity, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute, to help advance innovation through technology. ISACA has a presence in more than 188 countries, including 217 chapters worldwide and offices in both the United States and China.
Twitter: www.twitter.com/ISACANews
LinkedIn: www.linkedin.com/company/isaca
Facebook: www.facebook.com/ISACAHQ
Instagram: www.instagram.com/isacanews/
Contact:
Julie Fenwick, jfenwick@daylightagency.com.au, 0468 901 655
Harriet Hall, hhall@daylightagency.com.au, 0401 068 041