Can Technology Save Us From Evolving Cybersecurity … · · 2014-11-26Can Technology Save Us From Evolving Cybersecurity Threats? ... Respondents to Radware’sSecurity Industry
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Attacks Are Changing In Form, Complexity, Volume and Timing
2.47M+ New mobile malware samples collected in 2013Source: McAfee Labs Threat Report Q4 2013
1,800 Number of new distinct families of viruses detected in the past yearSource: Fortinet Threat Landscape Report 2014
87% DDoS attacks resulting in enterprises experiencing service level issues, service degradation and outagesSource: Respondents to Radware’s Security Industry and Security Executive Surveys 2013
197% Increase in malware samples in 2013 from 2012Source: McAfee Labs Threat Report Q4 2013
$3.5M Global average cost to a company due to data breaches and 15% more than what it costs last yearSource: Ponemon 2014 Cost of Data Breach Study: Global Analysis
10K New strains of malware released everyday – distributed by 100k new domains everydaySource: Imperva
SOURCE: Data sourced from 9th Annual Worldwide Infrastructure Security Report and ATLAS data (Arbor Networks)
In May, the U.S. Justice Department indicted 5 Chinese military officers on charges of hacking into the computer networks of U.S. companies and stealing commercial secrets. It linked all of them to PLA Unit 61398 in Shanghai.
• Political Statement• Protest
• Military Actions• Industrial Advantage
• $$$$$$• Extortion• Commercial Ransom
• Sell Trade Secrets• Disgruntled Employee
In a manifesto announcing its DDoSoperation, Anonymous railed against Sony for going after coders who seek to modify hardware that they own.
Hackers found vulnerabilities in the company’s network through remotely controlled HVAC systems and were able to access payments system data of over 40 Million credit cards.
Matthew Keys used his access as a former employee of the Tribune Co. to help a hacker deface the website of the Los Angeles Times in 2010.
Low
Med
ium
High
High
Source: Analysis of the North American Managed Security Services Market, July 2014.
Global at a glance This year’s annual study was conducted in the United States, United Kingdom, Germany, Australia, Japan, France and for the first time, the Russian Federation, with a total benchmark sample of 257 organizations. Country-specific results are presented in seven separate reports. Figure 1 presents the estimated average cost of cyber crime for seven country samples involving 257 separate companies, with comparison to last year’s country averages. Cost figures are converted into U.S. dollars for comparative purposes.2 As shown, there is significant variation in total cyber crime costs among participating companies in the benchmark samples. The US sample reports the highest total average cost at $12.7 million and the Russian sample reports the lowest total average cost at $3.3 million. It is also interesting to note that all six countries experienced a net increase in the cost of cyber crime cost over the past year – ranging from 2.7 percent for Japan to 22.7 percent for the United Kingdom. The percentage net change between FY 2014 and FY 2013 (excluding Russia) is 10.4 percent. Figure 1. Total cost of cyber crime in seven countries Cost expressed in US dollars (000,000), n = 257 separate companies
2The Wall Street Journal’s August 1, 2014 currency conversion rates.
Global at a glance This year’s annual study was conducted in the United States, United Kingdom, Germany, Australia, Japan, France and for the first time, the Russian Federation, with a total benchmark sample of 257 organizations. Country-specific results are presented in seven separate reports. Figure 1 presents the estimated average cost of cyber crime for seven country samples involving 257 separate companies, with comparison to last year’s country averages. Cost figures are converted into U.S. dollars for comparative purposes.2 As shown, there is significant variation in total cyber crime costs among participating companies in the benchmark samples. The US sample reports the highest total average cost at $12.7 million and the Russian sample reports the lowest total average cost at $3.3 million. It is also interesting to note that all six countries experienced a net increase in the cost of cyber crime cost over the past year – ranging from 2.7 percent for Japan to 22.7 percent for the United Kingdom. The percentage net change between FY 2014 and FY 2013 (excluding Russia) is 10.4 percent. Figure 1. Total cost of cyber crime in seven countries Cost expressed in US dollars (000,000), n = 257 separate companies
2The Wall Street Journal’s August 1, 2014 currency conversion rates.
• Zero Day and Half Day Attacks- The average zero day exploit will last 26 months before being detected- The average half day exploit will last 6 months before being patched
• Increase in targeted attacks- Significant research prior to attacks
• Growing regulatory and compliance requirements- Greater transparency- Reaching critical mass
• Significant increase in DDoS attack volume and bandwidth• Nation state actors beginning to beta test capabilities “contract out” to organized crime• Black market trading sites increasing