- An estimated 2 million cyberattacks in 2018 resulted in more than $45 billion in losses, according to a new report from The Internet Society's Online Trust Alliance (OTA).
- While the overall number of breaches was down in 2018, the report found deceptive email attacks (known as Business Email Compromise) doubled in 2018, while there was also a "troubling rise" of attacks against state and local governments.
- OTA found 95% of the reported cyberattacks could have been avoided through simple practices like implementing employee training and developing a response plan.
While the drop in overall incidents is a slight relief, the impacts of the cyberattacks have become more devastating as hackers have found new ways to breach systems. Emerging trends include hijacking devices to mine cryptocurrency, credential "stuffing" to access user accounts and targeting third-party vendors to infiltrate supply chains.
Hackers have also become more savvy in monetizing such attacks, a trend that has continued into 2019 with the recent ransomware attacks on the Florida cities of Riviera Beach and Lake City. While the report notes that state and local governments are actually less likely to pay ransom than private organizations hit by ransomware, it also noted those governments are more vulnerable to attacks due to outdated systems.
Some have criticized Riviera Beach and Lake City for paying the collective $1 million in ransom. However, cities like Baltimore and Atlanta, which suffered greatly from ransomware attacks but refused to pay the hackers, are now facing multi-million dollar recovery costs. In an interview with CIO Dive, Josh Zelonis, a senior analyst at Forrester, said the decision is "really a straightforward math problem." Bugcrowd CTO Casey Ellis agreed that it's sometimes more economical to pay the ransom, regardless of the criticism that paying hackers sets a bad precedent.
OTA notes that cities and private sector companies can avoid the situation altogether with increased preparedness and attention on security. The report says that understanding data, why it's collected and used, and how it's stored is key to increase protection; it also advises that organizations delete data as soon as it's no longer needed. Conducting ongoing risk assessments of IoT devices can also dramatically decrease potential for network-wide threats.
The OTA report provides a "top level incident ready checklist" for organizations to understand exactly what steps should be taken to minimize risk and increase resilience.