Ransomware, DDoS and Malware Top Tactics in 2019

With Beaming releasing data showing that businesses faced a cyber attack every 60 seconds last year, it’s only fitting to see what tactics were most used by cyber criminals.

According to CrowdStrike ‘Services Cyber Front Lines’ Report, ransomware, distributed denial of service (DDos) and malware were the three commonly used tactics favoured by cyber criminals to cause the utmost business disruption. With 36% of investigated incidents involving these tactics.

25% of the incidents investigated included data theft, including the theft of intellectual property, personally identifiable information and personal health information.

The report said:

“Typically, this type of data may be used by a cyber-espionage actor to build a dossier on a high-profile target, or a cyber-criminal may sell or ransom the information.”

Spear-phishing (35%) proved to be the most popular tactic deployed to gain access to cyber systems, compared to web attacks which stood just under two tenths (16%).

Jack Mannino, CEO at nVisium, told Infosecurity that businesses are still struggling with the same issues from 10 years ago, although hackers are increasingly beginning to attack cloud infrastructure and systems as organisations start to use them.

Jack Mannino said:

“While many organisations have been in the cloud for a while, countless teams are still undertaking transformation and are attempting to replicate security controls that they have developed internally within a new architecture.”

Shawn Henry, Chief Security Officer and President of CrowdStrike Services, said:

“The report offers observations into why ransomware and business disruption dominated headlines in 2019 and gives valuable insight into why issues with adversarial dwell time remain a problem for businesses around the world. Strong cybersecurity posture ultimately lies within technology that ensures early detection, swift response and fast mitigation to keep adversaries off networks for good.”

Rui Lopes, engineering and technical support manager at Panda Security, said that the use of cyberspace to carry out all kinds of malicious activities is not going anywhere in 2020, “and while cyber security players work to mitigate attacks, organisations struggle on their end with a gap in security experts which may not be covered even if they have a budget for it.”