[June 20, 2017] |
|
2017 Trustwave Global Report Reveals Cybersecurity Trends
Trustwave today released the 2017
Trustwave Global Security Report which reveals the top cybercrime,
data breach and security threat trends from 2016. The report
demonstrates both good and bad news in the world of cybersecurity as
intrusion detection and breach containment times were relatively better,
but other threats like malvertisements became cheaper and malicious spam
saw increases.
Key highlights from the 2017
Trustwave Global Security Report include:
-
Intrusion (News - Alert) detection gets better, especially when breaches are
self-detected: The median number of days from an intrusion to
detection of a compromise decreased to 49 days in 2016 from 80.5 days
in 2015, with values ranging from zero days to almost 2,000 days (more
than five years). For internally detected incident the median was 16
days, while 65 was the median number of days for externally detected
incidents.
-
Once detected, victims contain breaches relatively quickly: The
median number of days from detection to containment was 2.5 in 2016
with values ranging from -360 days, meaning the intrusion ended 360
days before detection, to 289 days. In cases where containment
occurred after detection, the median duration was 13 days from
detection to containment.
-
Intrusion containment remains stagnant: The median number of
days from an intrusion to containment of a compromise stayed
relatively the same at 62 days in 2016 compared to 63 days in 2015.
-
North America and retail lead in data breaches: Similar to
previous years, 49% of data breaches investigated by Trustwave were in
North America, while 21% were in Asia-Pacific, 20% in Europe, Middle
East and Africa, and 10% in Latin America. The largest single share of
incidents involved the retail industry, at 22%, followed closely by
the food and beverage industry, at nearly 20%.
-
POS breaches increase: Environments most breached in 2016 again
consisted of corporate and internal networks, at 43%. Incidents
affecting POS systems increased to 31% in 2016, from 22% in 2015,
while incidents affecting e-commerce environments fell to 26% from
38%. Incidents involving POS environmnts were most common in North
America, which has been slower than much of the world to adopt the EMV
payment card standard.
-
Payment card data most at risk: More than half of the incidents
investigated targeted payment card data: Card track (also called
magnetic stripe) data, at 33% of incidents, primarily came from POS
environments. Card-not-present (CNP) data, at 30%, mostly came from
e-commerce transactions. Financial credentials, including account
names and passwords for banks and other financial institutions,
accounted for 18% of incidents, followed by other targets.
-
Attackers seek stiff prices for their zero-day vulnerabilities:
In 2016, Trustwave discovered an alleged undisclosed Windows zero-day
vulnerability and accompanying exploit code on sale for an initial
price of $95,000.
-
Exploit market disruption: The most common exploit kits in the
world - Angler, Magnitude and Nuclear - disappeared or went private in
2016, leading to a shakeup of the exploit kit market.
-
Malvertisements get dirt cheap: In 2016, the estimated cost for
cybercriminals to infect 1,000 vulnerable computers with
malvertisements was only $5 -- less than $.01 per vulnerable machine.
Malicious advertising remains the number one source of traffic to
exploit kit landing pages.
-
Malware tries to hide itself: 83% of malware samples Trustwave
examined in 2016 used obfuscation, while 36% used encryption.
-
Malware-laden spam creeps up: In 2016, 35% of spam messages
contained malware, up from 3% in 2015. Meanwhile, 60% of all inbound
email was spam, up from 54% in 2015.
-
Database flaws increase: Database vendors patched 170
vulnerabilities in the most common database products in 2016, up from
139 vulnerabilities in 2015.
-
Applications are almost always vulnerable: 99.7% of web
applications Trustwave application scanning services tested in 2016
included at least one vulnerability, with the mean number of
vulnerabilities detected being 11 per application.
Trustwave Chief Executive Officer and President Robert J. McCullen said,
"Cybersecurity in 2016 had both highlights and lowlights. As our data
breach investigations and threat intelligence show attackers continue to
evolve their tactics and focus on extreme paydays as cybercrime becomes
more like genuine businesses. Meanwhile security skills and talent
remain scarce. As an industry, we must continue to focus on key areas
like threat detection and response, security scanning and testing and
cloud security services that provide meaningful layers of protection
from constantly evolving threats."
Trustwave experts gathered real-world data from hundreds of breach
investigations the company conducted in 2016 across 21 countries. This
data was added to billions of security and compliance events logged each
day across the global network of Trustwave
Advanced Security Operations Centers, along with data from tens of
millions of network vulnerability scans, thousands of web application
security scans, tens of millions of web transactions, tens of billions
of email messages, millions of malicious websites, penetration tests,
telemetry from security technologies distributed across the globe and
industry-leading security research.
To download a complimentary copy of the 2017 Trustwave Global Security
Report, visit: https://www.trustwave.com/gsr/.
About Trustwave
Trustwave helps businesses fight cybercrime, protect data and reduce
security risk. With cloud and managed security services, integrated
technologies and a team of security experts, ethical hackers and
researchers, Trustwave enables businesses to transform the way they
manage their information security and compliance programs. More than
three million businesses are enrolled in the Trustwave TrustKeeper®
cloud platform, through which Trustwave delivers automated, efficient
and cost-effective threat, vulnerability and compliance management.
Trustwave is headquartered in Chicago, with customers in 96 countries.
For more information about Trustwave, visit https://www.trustwave.com.
View source version on businesswire.com: http://www.businesswire.com/news/home/20170620005151/en/
[ Back To TMCnet.com's Homepage ]
|