77% of ransomware in four industries
The Global Threat Intelligence Report 2017 shows, among other things, that the four sectors accounted for 77% of the ransomware found. Phishing attacks are responsible for three quarters of the malware present and only 25 different passwords are used for one third of all authentication attempts.
The Global Threat Intelligence Report (GTIR) 2017 analyzes data from NTT Group subsidiaries, including NTT Security, Dimension Data, NTT Communications and NTT Data, as well as the Global Threat Intelligence Center (GTIC, formerly SERT), illustrating trends in ransomware, phishing and DDoS attacks, and showing the impact current threats are having on businesses around the world. The analysis is based on log files and data on attacks, incidents and vulnerabilities from October 2015 to September 2016.
Ransomware: Who is affected?
Phishing is now the main method used to spread ransomware - which prevents authorized users from accessing data or devices. The report shows that 77% of the ransomware found worldwide was in just four industries:
- Business and Professional Services (28%)
- public administration (19%)
- Healthcare (15%)
- Retail (15%)
Even though the media focuses on the technically sophisticated attacks on the latest vulnerabilities, many attackers are still successful with very simple methods. According to GTIR, nearly three-quarters (73%) of enterprise malware can be attributed to phishing attacks, with the public sector (65%) and business and professional services (25%) recording the most attacks on a global level. A breakdown by country shows that most phishing attacks originate from the U.S. (41%), the Netherlands (38%) and France (5%).
Only 25 passwords used
The report also shows that only 25 different passwords were used for nearly 33% of all authentication attempts at honeypots installed by NTT Security. More than 76% of the login attempts used a password implemented in the Mirai botnet - an IoT botnet used for the largest distributed denial of service (DDoS) attack to date.
DDoS attacks accounted for less than 6% of all cyber attacks worldwide. However, attacks from Asia accounted for 16% and from Australia for as much as 23%.
Finance accounted for 14% of all global attacks, making it the most frequently affected sector. Accordingly, it was the only sector to occupy one of the top three places in all the geographic regions analyzed; manufacturing was among the top three in five of the six regions. Financials (14%), Public Sector (14%) and Manufacturing (13%) were the most frequently affected by attacks.
For more information on the top global threats and the actions management, technical staff and users can take to improve security, see the NTT Security GTIR 2017 report, which interested parties can download at the link below: www.nttcomsecurity.ch/downloads/GTIR-2017
Source: NTT Security
