The Beazley Group, a British insurance group, recently released a report based on an analysis of 3,300 data breaches. It found that intrusions and malicious programs are still the main cause of data leakage, and that 71% of the companies hit by ransomware attacks are SMEs.
According to the report, 47% of last year's data breaches were caused by hacking or malicious programs, 20% were accidental leaks, 9% were caused by internal employees, 8% resulted from social engineering, 6% involved portable devices, and 5% were due to the loss of physical records.
The most common malicious programs are ransomware and financial Trojans. Beazley found that many amateur hackers used ransomware-as-a-service (RaaS) to launch attacks. Although hackers attacked targets of all sizes, 71% of the affected companies that reported to Beazley are SMEs.
The researchers concluded that this is because SMEs usually outsource IT services and let employees access them through the Remote Desktop Protocol (RDP). By simply brute-forcing the credentials of these internet-exposed RDP services, hackers can drop in ransomware and demand a ransom from the enterprise.
The average ransom paid by enterprises that were blackmailed in 2018 was $116,000 USD. In one case, the hackers demanded a ransom of up to $8.5 million from a large enterprise. Fortunately, that enterprise had already backed up its important files and did not let the hackers get what they wanted. The maximum ransom Beazley paid on behalf of its customers did not exceed $1 million.
The statistics show that, among the industries being blackmailed, the health care industry tops the list at 34%, followed by professional services/financial institutions at 12%, retail at 8%, education at 7%, manufacturing and government agencies at 6% each, real estate at 4%, and the hotel industry at 3%.
With ransomware attacks increasing, enterprises should conduct proper training to prevent employees from falling into the trap of phishing attacks. They ought to back up key data regularly to prevent data loss due to malware corruption. In addition, they should turn off RDP, enable multi-factor authentication, fix security vulnerabilities promptly, and deploy anti-virus software to provide comprehensive security protection.
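The report attributes many SME incidents to password guessing against exposed RDP, and the advice above is to disable RDP, add MFA and keep backups. The following is an added example, not code from the Beazley report, showing the kind of detection a defender can run over Windows Security logs while those controls are being rolled out. The log lines are constructed for this example; the field layout (timestamp, event ID, logon type, source IP, account) is an assumed simplified export, with event 4625 as a failed logon, 4624 as a successful logon and logon type 10 as RemoteInteractive (RDP). The function flags any source address with a burst of RDP logon failures inside a sliding time window and reports whether a successful RDP logon from the same address followed the burst, which is the case that needs immediate incident response rather than just a block rule.

```python
"""Flag RDP password-guessing bursts in (constructed) Windows Security log lines.

Added example for this article; assumed simplified log format:
    <ISO timestamp> <EventID> <LogonType> <SourceIP> <Account>
EventID 4625 = failed logon, 4624 = successful logon; LogonType 10 = RDP.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data: one noisy source that guesses several accounts and
# then gets in, one isolated failure, one non-RDP failure, one normal RDP logon.
SAMPLE_LOG = """\
2019-03-28T01:00:02 4625 10 203.0.113.7 administrator
2019-03-28T01:00:03 4625 10 203.0.113.7 admin
2019-03-28T01:00:04 4625 10 203.0.113.7 backup
2019-03-28T01:00:05 4625 10 203.0.113.7 administrator
2019-03-28T01:00:06 4625 10 203.0.113.7 administrator
2019-03-28T01:00:08 4624 10 203.0.113.7 administrator
2019-03-28T01:05:00 4625 10 198.51.100.4 jsmith
2019-03-28T01:20:00 4625 3 192.0.2.9 svc_backup
2019-03-28T02:00:00 4624 10 192.0.2.15 jsmith
"""

RDP_LOGON_TYPE = 10
FAILED_LOGON, SUCCESSFUL_LOGON = 4625, 4624


def parse_events(text):
    """Turn the simplified log text into a list of event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, event_id, logon_type, ip, user = line.split()
        events.append({
            "ts": datetime.fromisoformat(ts),
            "event": int(event_id),
            "logon_type": int(logon_type),
            "ip": ip,
            "user": user,
        })
    return events


def detect_rdp_bruteforce(events, threshold=5, window=timedelta(minutes=5)):
    """Return {source_ip: finding} for every source with at least `threshold`
    failed RDP logons inside any sliding `window`.

    Each finding records the total failures, the accounts that were tried and
    whether a successful RDP logon from that source followed the burst.
    """
    by_ip = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["logon_type"] == RDP_LOGON_TYPE:
            by_ip[e["ip"]].append(e)

    findings = {}
    for ip, evs in by_ip.items():
        fails = [e for e in evs if e["event"] == FAILED_LOGON]
        burst_end = None
        start = 0
        # Sliding window: advance `start` until the window fits, then check size.
        for end in range(len(fails)):
            while fails[end]["ts"] - fails[start]["ts"] > window:
                start += 1
            if end - start + 1 >= threshold:
                burst_end = fails[end]["ts"]
                break
        if burst_end is None:
            continue
        success_after = any(
            e["event"] == SUCCESSFUL_LOGON and e["ts"] >= burst_end for e in evs
        )
        findings[ip] = {
            "failures": len(fails),
            "accounts": sorted({e["user"] for e in fails}),
            "success_after_burst": success_after,
        }
    return findings


if __name__ == "__main__":
    for ip, f in detect_rdp_bruteforce(parse_events(SAMPLE_LOG)).items():
        severity = "CRITICAL" if f["success_after_burst"] else "WARNING"
        print(f"{severity}: {ip} {f['failures']} RDP failures, "
              f"accounts tried {f['accounts']}, "
              f"logged in afterwards: {f['success_after_burst']}")
```

The threshold and window are deliberately conservative so that a single mistyped password never fires; a real deployment would feed it from a SIEM export rather than an inline string, and the "logged in afterwards" flag is the signal that backups should be checked and the host isolated, since the report's ransomware cases start exactly at that point.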
Published by Emerson L. Sullivan & last updated on March 29, 2019 2:54 am