List: Phantom data, spooky spam, disturbing DDoS and sinister spooks.
Halloween is fast approaching, and security professionals across the world are having recurring nightmares involving data breaches, phishing, malware and viruses. Channelling our inner Freddie Kruger, CBR is pulling the nightmares into reality, putting a number on the scariest elements of the threat landscape.
Below are our top 10 cyber security nightmares, contributed by security firms heading to Security Serious next week – a campaign aimed at making UK Plc a safer place to trade online.
Read on, if you dare…
1. Spooky Spam
Apparently you get 12 spam emails a day, which adds up to 4000 spam emails per person, per year! With just one bad spam email all it takes to get into your network, a small company of 20 people would have to deal with 80,000 of spam per year, according to ESET.
2. Disturbing DDoS
Corero has reported a 32% increase in DDoS attacks in the last quarter, with 4.5 attacks happening every day. With the majority of these attacks less than 1Gps and lasting for less than 30 minutes, these sub=saturating attacks are used to distract victims while other malware attacks the network.
3. Deadly Data Breach
A shocking 9 out of 10 large organisations have suffered some sort of security breach according to PWCs 2015 information security breaches survey. The cost of a data breach has nearly doubled, with the average cost of the worst breaches between £1.4m and £3.14m.
4. Scary Snoopers
Moral of this list is to not trust anyone. Varonis has reported 71% of people have access to company data which they shouldn’t even see! And stop being social – 12% of organisations have already had a virus enter their network via social media according to ESET.
5. Foolish Phishing
According to SANS Institute, 95% of all attacks on enterprise networks gained access via a spear phishing attack. A spear phishing attack is an email targeted at specific individuals that is engineered to look legitimate and fool even tech-savvy users.
6. They are watching you……
A hacker may be watching you right now……if you are on a public network and have not bothered to secure your device. More than 80% of people accessed public networks from their corporate devices – at a hotel, convention centre, coffee shop – with more than 60%having accessed such a network at the airport.
According to Bromium, these figures show that people are not worrying about security implications, meaning a hacker could be watching everything you’re doing.
7. Sinister Spooks
If the hackers are not watching your every move you, then it may be the government tracking your daily activities. According to Tripwire, 64% of organisations are a potential target for Nation-State cyber attacks.
8. Perilous Passwords
When it comes to passwords, it’s bad news all round, with Lieberman Software finding that 40% of passwords do not get changed in more than a year.
But it gets worse. 58% of admin passwords, the passwords which could be viewed as the keys to the kingdom, don’t get refreshed for at least 90 days.
9. Rattled by Ransom
According to ESET, over a third of UK companies have been held to ransom by hackers or know someone who has had their networks attacked by ransomware. This is only going to get worse, with Bromium stating that attacks via ransomware are only going to rise as cybercrimminals realise it is a lucrative form of attack.
10. Phantom Data
Of huge concern is the next stats from Varonis – 75% of employees claim that their organisations could not tell them what happens to lost data, files or emails.
This concern over phantom data is filtering down to consumers, with a Bit9 + Carbon Black survey finding 81% of people worry that their personal data might have been stolen without anyone noticing.