Past cyber attacks and the tools used to carry them out have led to new breaches this year, according to key findings in a new mid-year cyber crime trend report just released by cyber threat intelligence provider SurfWatch Labs. In a study of events that occurred in the first half of 2016, the stockpile of personal information garnered from old data breaches led to new compromises and lucrative payoffs for cyber criminals.
While the diversity of cyber threats can seem overwhelming when viewed in isolation, when viewed collectively, they paint a picture of an increasingly connected cyber crime world. Malicious actors excel at taking one piece of information and leveraging it to perform additional attacks, gain more information, and widen their reach. The stories so far in 2016 clearly demonstrate this method and capability, with numerous cyber incidents tied to previous data breaches. The effects of cyber crime continue to ripple outwards – affecting those in the supply chain and beyond.
Motivations behind the attacks ranged by industry and predictably, not a single sector was left untouched by the unscrupulous actors. The new report does indicate that the familiar company response to a breach — "We were breached by a sophisticated attack but it has now been contained" — actually contradicts what has really happened so far this year. In truth, the majority of tactics used were not new or sophisticated.
To compile this report, SurfWatch Labs collected tens of thousands of cyber event activities from open and Dark Web sources and then normalized, categorized and analyzed the data for impact based on the CyberFact information model. Knowing the breakdown of industries targeted, the effects of attacks and the tactics criminals employed provides better insight into what the bad guys are up to. This translates into more informed forecasts of how cyber crime will impact organizations similar to yours and consequently, what to do to minimize your risk.
In this slideshow, Adam Meyer, chief security strategist, SurfWatch Labs, has highlighted key findings from the report.
Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ... More >>
Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ... More >>
Experts predict how cybersecurity will affect and involve our government, policies and politics in 2017. ... More >>