They main motivation behind cyber-attacks is for financial gain,with 76% of all cyber-attacks being financially driven and 13% motivated by espionage. Other common motives include entertainment, political exposure and personal vendettas. The study showed that 50% of all breaches were carried out by organised criminal groups, with the rest of the culprits comprising of internal actors, partners and lone wolves. Interestingly, 15 attacks which took place in 2018 were masterminded by former employees of the targeted company.
Small businesses have been worst affected in the past year, making up 58% of all cyber-attack victims. Amongst those heavily affected by breaches were the public sector, healthcare, retail, food and property management. Making up 24% of all cyber-attacks, the healthcare industrywas particularly affected, followed closely by accommodation and food at 15%and the public sector at 14%.
The most common attack of the past year at 48% was the misuse ofstolen credentials obtained through hacking. Just below this was the implementation of memory-scraping malware or ‘RAM scrapping’, which is designed to strike in the split second that your data is vulnerable. The figures involving malware stand at 30% of all attacks. The majority of these attacks took place through the central database.
Personal data has been targeted the most in the past year, followed by payment details, medical information, confidential files and credentials. This data can then be used to hold the business to ransom,damage their reputation, gain money from the press or sold on through other mediums, such as the dark web.
The statistics revealed that 68% of those affected by breaches didn’t find out that they had been affected until months later. Often malware can be sat in your system without you noticing any difference, all the while gathering information.
Whilst it is a good idea to keep your staff updated on good practice when it comes to computer security, it does appear that people are getting pretty good at spotting the more obvious signs of untoward cyberactivity. This study revealed that 78% of people didn’t click on a phishing email all year. Unfortunately, only one person is needed to enable hackers access so even if it’s a quick refresher, make sure your employees are security savvy.
Whilst you can help protect your business through training and a robust security system, just one slip up can result in a cyber-attack. One of the best means of defence can be to take out cyber insurance, which has been specially designed to act as damage control should you fall victim to acyber-attack. This will cover you for any downtime your business faces, along with areas such as legal fees and reputational damage. Call us on 01227451133 to find out more.