Solutionary found that companies in the healthcare industry had the most ransomware present, accounting for 88 percent of all ransomware detections in Q2. In addition, Cryptowall was the top ransomware variant detected during the quarter, accounting for nearly 94 percent of detections.

“Healthcare has been a target for ransomware campaigns because the industry has often paid ransom to retrieve vital customer data quickly. Furthermore, healthcare organizations use an abundance of systems and devices that are crucial pivot-points for an attacker, and they can even be victims of ransomware themselves,” said Rob Kraus, director of research, Security Engineering Research Team, Solutionary.

“The most important steps in protecting your company’s and your customers’ data from the growing malicious ransomware onslaught are ensuring that you have a robust backup and recovery process, and that your security software is up-to-date and able to detect the most recent ransomware variants. As the threat continues to evolve, it will be crucial for organizations to have defined incident-response procedures and proper detective and preventive controls in place to reduce ransomware’s impact,” Kraus added.

Key findings

• The industry most often targeted by ransomware attacks, healthcare, led with 88 percent of Solutionary detections. Affected industries also included education (6 percent) and finance (4 percent), with eight other industries combining for less than 2 percent of detections.
• Researchers identified the top attack types of Q2 ‘16. Out of 11 categories, the top three – web application, malware and application-specific attacks – accounted for roughly 62 percent of all attacks. Threat actors focused primarily on web applications, which were the target of nearly 24 percent of all attacks.
• Attacks focusing on ActiveX or Adobe products accounted for nearly 48 percent of all attacks against the top five industries (retail, healthcare, education, finance and technology).
• The retail sector was the focus of 18 percent of all attacks during Q2 ’16.
• Germany was the number-one source of all non-U.S. based attacks, responsible for nearly 15 percent of attacks overall.

from Help Net Security http://ift.tt/2a7g799

Cyber security remains a critical business challenge and a growing concern with a potentially devastating impact on company brands and bottom lines. Despite these damaging ramifications, many cybersecurity executives indicate that information protection may not be the strategic corporate imperative that it should be.

In surveying 403 CIO, CISO, CTO and CIOs in the automotive, banking, technology and retail sectors, KPMG found that 81 percent of executives admitted their companies had been compromised by cyber-attacks in the past 24 months – ranging from malware, botnet to other attack vectors. Retail cyber executives reported the most breaches in the past 24 months, with 89% reporting yes, followed by automotive at 85% and banking and technology companies reporting 76%.

Investing in information security

Despite these alarming admittances, 49% of these same executives said they have invested in information security in the past year. Banks appear to be most proactive when it comes to investments in information security, with 66% of execs reporting investments made, followed by technology at 62%, retail at 45% and automotive at 32%.

“Cyber-attacks are affecting nearly every single company we encounter, but we’re not seeing those attacks drive enough proactive business action as evidenced by the rate of investment made in information security,” said Greg Bell, KPMG Cyber US Leader. “We’re still seeing companies taking a passive or reactive approach toward cybersecurity, when in fact cyber should be a top-line business issue thought about and practiced company-wide.”

Why organizations need a security leader

The report also found that some industries are more equipped to handle cyber-attacks because they have an executive whose sole responsibility is information security. Industry-wide, 69% of companies reported having a leader in place. However, there is a vast discrepancy – 85% of both banks and technology companies reported having a leader with retail and automotive lagging at 58% and 45% respectively.

“There is a cyber-awareness maturity curve for industries that have been providing Internet-enabled products and services for longer periods of time, versus relatively new products like personalized shopping and connected cars,” said Bell. “Hackers go after the weakest systems, not often the most traditionally lucrative like banks. However, as products evolve to use more connectivity and data, companies can’t afford to get this wrong and let the maturity model hold them back.”

Security executives acknowledged the ramifications of a breach citing reputation (53%), financial loss (50%) and job security (49%) as the top concerns associated with falling victim to cyber-attacks.

Bell added “Consumers have so many options, so there isn’t much patience or loyalty for a company that is lax in its security.”

from Help Net Security http://ift.tt/2aatTN8

DDoS attacks increased 83 percent to more than 182,900 attacks in the second quarter of the year, according to Nexusguard.

The newest report shows that Russia has become the No. 1 victim country. Starlink – a Russian ISP supporting small, medium and large enterprises – received more than 40 percent of the DDoS attacks measured over a two-day period. This targeted DNS attack also pushed the mean average DDoS duration to hours instead of minutes, as measured in the previous quarter.

Nexusguard’s researchers attributed this increase to nationalist hacktivists organizing a targeted attack to take out Russian businesses, rather than outbreaks driven by popular DDoS-for-hire activity.

“We were surprised to see an increase in DDoS attacks this quarter, especially as hackers experiment with ransomware, phishing schemes and other data-grabbing methods for monetary gain,” said Terrence Gareau, chief scientist at Nexusguard. “Organizations can expect cyberattacks to continue growing in frequency this year, especially with more attention on the Summer Olympics and the November election season in the US. The results from this quarter also show how important it is to not only protect your website, but also to plan for new payloads and attacks on your infrastructure.”

The United States and China continue to hold spots for the top three target countries. Brazil remains in the top 10, as well, but saw its attacks decline by more than half.

Nexusguard also measured increases in other attack varieties, including routing information protocol (RIP) and multicast domain name system (mDNS) threats. Hackers are experimenting with new attack methodologies, and with the upcoming Olympics in Brazil and political tensions around the world, researchers predict these factors will contribute to a DDoS spike in Q3.

from Help Net Security http://ift.tt/2atavsX