Contrary to popular belief, cybercriminals are not all solo-operating, pizza-eating basement dwellers. Cybercrime is a global business with sky-high margins, and many of the most popular tools used by cybercriminals are developed by professional (though shady) software and services companies competing for market share.
That’s one of the biggest takeaways from the 2016 Trustwave Global Security Report published by Chicago cybersecurity startup
this week. The report, which has been put out annually by the startup since 2010, assesses the state of the international information security landscape.
For startups, the risks of cybersecurity breaches is twofold. First, a security breach may halt operations or cause valuable intellectual property to end up in the wrong hands. But perhaps more importantly, most startups are asking their customers to entrust them with personal information — often including payment card data. For a startup, a betrayal of that trust can be a death blow.
The good news is that much of the work required to protect against breaches is relatively straightforward. In many cases, it’s just a question of following standard best practices like strong passwords, firewalls, network monitoring and ongoing vulnerability assessments.
“Those basics are really important and honestly raise you to a level above the most common victims that we see out there,” said Karl Sigler (pictured right), threat intelligence manager at Trustwave.
Effective network monitoring can make a huge difference for the severity of a breach. According to the report, the median detection time for internally detected breaches was 15 days, compared with 168 days for externally reported ones. As for remediation, internally detected breaches were usually fixed within one day, as compared with a median of 28 days for externally detected breaches.
One positive trend revealed by the report is that 41 percent of last year’s data breaches for organizations with which Trustwave works were self-detected, up from 19 percent from the year before.
For consumers, one thing worth being on the lookout for is “malvertising” — malicious advertising campaigns that target users’ web browsers upon display, or direct users to malicious websites.
“We’ve seen malicious advertising really spike last year, and we’ll probably continue to see it this year,” said Sigler. “The way online advertising works is so layered, and sold and resold to so many different levels of actors that it’s very hard for them to filter malicious content out.”
But while some threats change from year to year, some things never change: Adobe Flash remains a persistent thorn in cybersecurity experts’ sides.
“The day when people stop using Flash can’t come soon enough,” said Sigler.
Some interesting stats from the report:
60 percent of breaches targeted payment card data.
54 percent of inbound email to Trustwave customers was spam.
71 percent of web attacks targeted WordPress.
40 percent of exploit kit attacks used a single piece of software — Angler.
Images via Shutterstock and Trustwave.
Do you have a tip for us? Shoot us an email or follow us on Twitter@BuiltInChicago.