Cybersecurity Statistics and Facts for the Years 2017-2018

Ransomware and distributed denial-of-service attacks are among the cybersecurity hazards that are becoming more prevalent in a range of domains. The following is the most recent breakdown of cybersecurity statistics, which covers the years 2017-2018.

Is it possible that we are not taking cybersecurity seriously enough in 2018? This is the question that many businesses, governments, and, in particular, internet security professionals are debating this year. Cyber threats continue to be a big concern for everyone. Anybody who has a web presence these days, from the average consumer to the world’s major governments, has been the target of cyber attacks by criminals looking to cause harm and mischief.

In the course of a year or quarter, top cybersecurity research firms and security organizations disclose reams of data on their findings from the preceding year or quarter. They’re on the lookout for both positive and negative trends, as well as innovative new products and services.

“Burst attacks,” according to Cisco, are a growing hacker trend in terms of complexity and frequency that is been observed in recent research. In the words of Radware, a provider of Distributed Denial-of-Service (DDoS) security solutions, “burst attacks,” also known as “hit-and-run attacks,” are a type of Distributed Denial-of-Service (DDoS) attack in which hackers flood an organization’s servers with high-throughput data for a short period of time. Because of the attack’s random and persistent nature, these burst attacks can linger for hours or even days and completely overwhelm an organization’s servers, limiting its ability to deal with the situation effectively.

• How to use public WiFi in a secure and private manner

That is only a small sample of the data that has been disclosed this year, which demonstrates how cybercriminals’ threat is expanding and changing all the time.

In the next section, you will find some recent cybersecurity facts and numbers from 2017-to 2018 that illustrate why everyone should be concerned.

What is the “Overall Picture” in this case? Cybercrime has remained a big problem for many years.

Cisco, Symantec, PwC, and even the United States Department of Homeland Security have all published reports on the state of cybercrime and the readiness of cybersecurity to battle the problem. Corporations and governments, which are typically the primary targets of coordinated cyberattacks, should take note of their results, which are highly alarming to everyone. The majority of customers continue to be exposed, but the biggest danger comes from assaults on businesses and governments that keep large volumes of sensitive data on servers that are sometimes unencrypted or improperly secured.

In today’s world, ransomware is the new, increasing norm against which most businesses must protect themselves. The most severe threat today, however, comes in the form of ransomware, which is distributed via network-based attack vectors, eliminating the need for human interaction during the installation and deployment process. (Cisco)
According to a study conducted by the University of Maryland, cyber-attacks are occurring at a “near constant rate” at the moment. It was discovered that an attack occurs approximately every 39 seconds, according to the survey results. (This information comes from the University of Maryland.)
The threat posed by cyberspace has grown to such proportions that the United States government has ordered that all government entities submit cybersecurity threat reports. After signing Executive Order 13800 into law on May 11, 2017, President Donald Trump issued a directive requiring all federal agencies in the United States to produce threat assessments. On May 18, 2018, the Department of Homeland Security released the first Cybersecurity Risk Determination, Report, and Action Plan. the federal government of the United States of America (referenced in the text).
A study conducted by the United States Federal Government revealed a troubling lack of security readiness among US agencies, with only 27% claiming the ability to detect and investigate attempts to access massive amounts of data. Therefore, large data breaches at a number of federal government agencies in the United States could potentially go undiscovered for a prolonged period of time. the federal government of the United States of America (referenced in the text).

Dwell time, which is the period of time an attacker has undetected access to a system until it is totally removed, increased in most nations in 2017. The average length of stay in the Asia Pacific (APAC) region increased to 417 days in 2017, from 172 days in 2016. There was a decline in the median dwell time in the Americas, which went from 99 days in 2016 to 75.5 days in 2017. (FireEye) The FireEye report for 2018

Assaults detected by external notification systems had a much longer median stay duration than attacks detected by other means. Specifically, in the EMEA region (Europe, the Middle East, and Africa), where the median dwell period of assaults identified externally was more than 12 times longer than the median dwell period of attacks discovered domestically, this was especially true. (FireEye)
In the Asia-Pacific region, the median dwell time for externally detected breaches was 1,088 days, according to the latest available data. (FireEye)
Globally, breaches detected and reported by external sources lasted an average of 186 days, which is slightly more than three times the average duration of breaches discovered and reported by internal processes and tools. (FireEye)

FireEye Cybersecurity

While the median length of stay has increased slightly from year to year, it continues to be much less than it was in the majority of previous years. According to statistics from 2011, the median length of stay was 416 days. According to statistics from 2017, the average length of stay was 101 days. (FireEye)
While externally found and informed attacks can remain active on a system for a longer amount of time, the internal mechanisms in place at firms continue to improve and become more effective over the course of time. Enterprises identified 62 percent of breaches on their own, according to a global survey. (FireEye)
Following an incident, organizations that have been targeted by attackers are typically targeted by the same or similar individuals a short time later. It is estimated that 49 percent of consumers who were assaulted were successfully attacked again within a year, and 86 percent of customers who faced numerous significant attacks also encountered multiple unique assailants, according to FireEye. Companies in APAC countries were substantially more likely than those in other regions to be subjected to many attacks in a short period of time by both repeat and unique attackers, according to FireEye. (FireEye)

FireEye

Symantec’s annual report for 2018

Malware designed to target mobile devices is becoming increasingly common. According to Symantec, the number of mobile malware variants increased by 54 percent in 2017 when compared to the previous year. (Symantec)
This year, the practice of crypto-jacking, in which cryptocurrency miners steal computer resources in order to mine the currency, surged by more than 8,500 percent. According to Symantec, coin mining activity increased by more than 34,000 percent in 2017. Symantec reports that the average ransom requested by ransomware reduced to $522 last year from $680 in 2016. Ransomware is increasingly being used as a kind of disruption and a decoy for other criminal activities, rather than just for the purpose of extracting money from victims. (Symantec) The number of new downloader versions increased by 92 percent in 2017, according to the company. (Symantec) Macs were more targeted by malware in 2017, with an increase of 80 percent in malware that was specifically designed to target Macs. The percentage of spam emails increased significantly in 2017, hitting more than 55 percent of all emails, according to Symantec. Symantec reports that the number of new ransomware variants increased by 46 percent in 2017. The Internet of Things (IoT) devices is being attacked more aggressively than ever before, according to Symantec, which reported a 600 percent increase in attacks on IoT devices in 2017. (Symantec) When it comes to attacking origination, China is unquestionably the most prolific country. China is believed to be responsible for around one-fifth of all cyberattacks worldwide. Approximately 11 percent of all attacks originated in the United States, making it the second most prolific source of attacks. (Symantec) The majority of apps that leak data do so through the exposure of phone numbers, according to the company. Over two-thirds (63 percent) of “leaky apps” revealed phone numbers, which may be contributing to the increase in phone spam calls that many mobile users have been receiving recently. (Symantec)
The number of targeted assault groups that have been detected continues to grow. In 2017, Symantec discovered 140 targeted attack groups that we’re actively pursuing victims. (Symantec)
It is the primary goal of the vast majority of targeted attack groups to gather intelligence on their targets and nothing else. The remainder engages in high-risk disruptive behaviors that expose them to a greater risk of being found and stopped from continuing their activities. (Symantec) In 2017, the vast majority of targeted attacks targeted organizations in the United States, with a total of 303 reported targeted attacks. In second place was India, with 133 points, followed by Japan (87 points) and Taiwan (86 points) (86). (89). (Symantec)

Symantec is the root of the problem.

When attackers undertake supply chain attacks properly, they have the potential to be quite effective. A malicious version of CCleaner, a system cleaning utility, was corrupted in 2017 by supply chain attackers injecting and digitally signing a malicious version of the software into the company’s internal development environment. The infected update version was downloaded more than 2 million times, with the majority of the downloads coming from clients in the United States. (Symantec)
When comparing 2017 to 2016, there was a nearly 88 percent increase in the number of new malware types discovered. (Symantec)
While hackers typically benefit corporations, it appears that coin miners are more beneficial to the general public. By the end of 2017, the number of coin-mining malware attacks had more than doubled, putting users at risk of infection. (Symantec)

Symantec is the root of the problem.

Wipro’s annual report for 2018 is available online.
According to Wipro, 88 records were stolen every second in 2017, an increase from 43 records stolen every second in 2016. The theft of 2.7 billion documents occurred in 2017, more than doubling the number of records stolen in 2016. 60% of companies cited phishing emails as the most common source of endpoint attacks in a recent survey conducted by Wipro Technologies. (Wipro)
The majority of record thefts occurred at the beginning of the year in 2017, according to the FBI. In terms of record theft, the first quarter outperformed the remaining three quarters by a wide margin. (Wipro)

Wipro is the organization that provided the information.

The healthcare business was the target of the most attacks in 2017. Healthcare data breaches accounted for over 40% of all data breaches, according to Wipro. In 2016, that proportion grew to 31%, demonstrating a growing interest on the part of hackers in healthcare institutions. (Wipro)
Throughout 2017, trojans were the most common type of malware used to infect computers, accounting for more than half of all malware infected each quarter, according to Trend Micro. (Wipro)
Code execution problems in security software gained pace in 2017, with the number of disclosed flaws growing from 12 percent to 22 percent 2017. (Wipro)
An internal poll carried out by the company found that 29% of organizations considered “Privileged Access Management” to be their top-rated data security management solution.
SIEM (Security Information and Event Management) systems were the most often used security event notification technologies in businesses. (Wipro)
For threat intelligence, 68% of organizations rely on SIEM vendors, according to research. (Wipro)
Despite the fact that more businesses are purchasing cybersecurity insurance, the number of businesses that do not continues to rise. In 2017, 46 percent of respondents reported that they did not have cybersecurity insurance, a decrease from 53 percent the previous year. (Wipro)
Stroz Friedberg’s 2018 Annual Report
The results of Stroz Friedberg’s survey of organizations revealed that only 24% of risk executives believed their organization had cybersecurity insurance in place (a far lower figure than that reported by Wipro). (Photo courtesy of Stroz Friedberg)
The vast majority (87 percent) of risk management professionals ranked cyber liability as one of the top ten threats facing their companies. (Photo courtesy of Stroz Friedberg)
Businesses spent $86.4 billion on cybersecurity in 2017, representing a 7% increase over the previous year. (Photo courtesy of Stroz Friedberg)
Small businesses have continued to be targeted by cybercriminals. According to the Small Business Administration, 55 percent of small businesses experienced a data breach over the preceding 12 months in 2017. Although cyber risks are a serious hazard, the majority of enterprises still regard them as a secondary concern. (Photo courtesy of Stroz Friedberg)

Stroz Friedberg is a composer and musician from Stroz Friedberg.

According to statistics from 2017, over 81 percent of all attacks were triggered by compromised or stolen passwords, many of which might have been averted with the deployment of multifactor authentication. (Photo courtesy of Stroz Friedberg)
Defending against cyber threats may prove to be financially profitable. Researchers were awarded $70,000 in compensation for identifying vulnerabilities in Apple’s iOS 11.1 mobile operating system. (Photo courtesy of Stroz Friedberg)
When it comes to ransomware attacks, the cost has climbed by 400 percent between 2016 and 2017. Businesses suffered a $5 billion loss as a result of ransomware in 2017. (Photo courtesy of Stroz Friedberg)
The Comodo report for 2018
As a result of Bitcoin’s growing popularity, cryptocurrency miners moved their attention to other cryptocurrencies during the course of 2017. The vast majority of attackers have moved their attention away from Bitcoin mining and toward Monero mining, resulting in a torrent of new malware variants designed to mine Monero and other non-Bitcoin currencies flooding the market. According to Comodo, hackers quickly identified a way to fake the Coinhive service, allowing them to infect websites throughout the world with malware and mine bitcoin illegally from unsuspecting website visitors. For the first time in 2017, bitcoin mining eclipsed ransomware as the most common type of cyberattack on the internet. In 2017, Comodo discovered that unwanted apps were the most often seen malware triggers. During 2017, the number of Trojans infiltrating networks in Germany was extremely high, according to Comodo. Last year, the United Kingdom was a “glowing orb of malware,” according to Comodo, which monitors computer security. As reported by Comodo, in 2017, Japanese networks were subjected to an exceptionally unusual and continuous pattern of exploit malware, which Comodo believes should be investigated quickly by the country’s cybersecurity professionals. (Comodo)

Comodo

PwC’s 2018 Annual Report
87 percent of the CEOs polled admitted to making investments in cybersecurity in order to increase customer and client confidence. (Image courtesy of PricewaterhouseCoopers.)
In regards to the usage and storage of consumer data, 81 percent of businesses claim to have rules in place that are transparent. (Image courtesy of PricewaterhouseCoopers.)
CEOs in the Middle East are more likely than CEOs in other regions to state that their companies are making investments in cybersecurity technology. In the Middle East, 62 percent of CEOs reported that their companies had increased customer trust through cybersecurity investment, compared to 52 percent in North America, 47 percent in Western Europe, 46 percent in the Asia Pacific, 43 percent in Latin America, 43 percent in Central and Eastern Europe, and 43 percent in Africa (38 percent). (Image courtesy of PricewaterhouseCoopers.)

PwC

Only 56 percent of businesses claim to have a comprehensive information security strategy. (Image courtesy of PricewaterhouseCoopers.)
Currently, just 53% of firms state that they need their employees to get privacy policy training. (Image courtesy of PricewaterhouseCoopers.)
Many businesses are completely ignorant of the extent to which they are in possession of personal information. Only little more than half of those who answered the survey said they had an accurate inventory of their personal data. (Image courtesy of PricewaterhouseCoopers.)
Approximately 48% of businesses believe that contemporary authentication techniques, such as multifactor authentication, have assisted them in reducing fraud losses. (Image courtesy of PricewaterhouseCoopers.)
The majority of organizations (60 percent) employ biometrics as one of their sophisticated authentication techniques, and this is a trend that will continue. Smartphone tokens were the least frequently used, with only 48 percent of organizations reporting that they were in use. Multifactor authentication is now used by almost half of all enterprises. (Image courtesy of PricewaterhouseCoopers.)

PwC

Security-related activities and decision-making are carried out by boards of directors on a relatively rare basis. Only little more than a third (31 percent) of the firms surveyed stated that their board of directors participates in the process of examining security and privacy issues. (Image courtesy of PricewaterhouseCoopers.)
However, even high-value firms often have a board of directors that is mostly uninvolved in matters relating to cybersecurity and data privacy. A total of 36% of such businesses stated that their boards of directors are involved in the evaluation of such policies and risk exposures. (Image courtesy of PricewaterhouseCoopers.)
Major corporations are more likely than smaller businesses to have a comprehensive information security strategy. 71 percent of respondents say they have such a strategy in place, with 69 percent requiring employees to get privacy policy training. (Image courtesy of PricewaterhouseCoopers.)

PwC

The data security policies of companies in Asia and North America are setting the bar for the industry. The likelihood of comprehensive security strategies in both regions is higher. Businesses in both regions are more likely to require employee training on security policies, maintain accurate inventories of personal information, restrict how much data they collect and who has access to it, monitor compliance of third parties who have access to data, and obligate all third parties to comply with internal data policies. Despite this, fewer than half of all enterprises in Asia and North America comply with these criteria. (Image courtesy of PricewaterhouseCoopers.)
In order to facilitate cross-border data transfer, the vast majority of organizations have employed at least one technique. The Privacy Shield is being used primarily by 38% of respondents. (Image courtesy of PricewaterhouseCoopers.)
The vast majority of businesses waited until the last minute to comply with the EU’s General Data Protection Regulation (GDPR) rules, which compel enterprises to take additional precautions in their use and protection of client data in order to remain in compliance. Although the General Data Protection Regulation (GDPR) became effective in 2018, only 32% of respondents stated that they began their GDPR assessments in 2017. The vast majority of firms either waited until the last minute in 2018 to implement GDPR or have not begun GDPR implementation at all yet.
In 2018, cybersecurity is a significant responsibility for everyone, regardless of their profession.
In 2017, and again in 2018, some notable trends surfaced from all of the major cybersecurity reports produced during that time period.

Despite the growing number of cyber threats and the increasing complexity of these attacks, businesses continue to be hesitant to respond to cyber risks by improving their preparation. Given the vast amounts of consumer data that corporations and governments now control, it is not surprising that the bulk of reports suggest that enterprises and governments continue to be the primary targets of the vast majority of cybersecurity threats. Bitcoin mining, on the other hand, is a considerably more common source of concern among customers.

With regard to the most popular attack vectors, it appears that ransomware is the most prevalent, but a rising number of bad actors are turning to coin-mining software, which allows them to gain access to revenue sources quickly and with no effort. Additionally, it appears as though ransomware is becoming a preferred tool for disruption rather than for cybercriminal profiteering rather than the reverse.

Businesses will need to continue to protect themselves against distributed denial-of-service (DDoS) assaults, particularly from attack organizations that deploy unique methods of overloading and disrupting network communications. As is common for scammers, they are aiming to make a quick and easy profit. Meanwhile, new cybercriminal organizations are springing up, many of which are backed by governments intent on wreaking havoc for political purposes.