Ransomware to target incident response services, says study


A new study of the methods used by cyber attackers has found that those using ransomware switched their focus from extorting money from victims to putting pressure on incident response.

The research, carried out IBM X-Force in its “Threat Intelligence Index”, also found that human error alone is responsible for two-thirds of records that have been compromised in the past year.

Though a total of 2.9 billion user information records were obtained by attackers in 2017, this is down 1.1 billion compared with 2016, the report’s authors write. Ransomware was by far the dominant method of attack, including pseudo-ransomware which is designed to be purely destructive.

Plain ransomware will try to gain money from infected machines by locking users out until a ransom is paid and an encryption key is provided; pseudo-ransomware, meanwhile, will either lock up machines or erase data with seemingly no motivation, like WannCry or NotPetya.

The Index is based on IBM’s analysis of data collected from hundreds of millions of endpoints, users and servers spread across 100 countries.

The report also found there was a staggering 424 per cent increase in security breaches related to improperly configured cloud infrastructure – a problem almost entirely attributable to human error. Indeed, such attacks were responsible for the exposure of 70 per cent of all records that were compromised in 2017.

Its authors say that this rise indicates that cyber criminals are increasingly aware of poorly-configured cloud servers as a rich vein for exploitation.

Elsewhere the report said that individuals lured to share details via phishing scams represented a third of all activity that led to a “security event” last year.

“Inadvertent insiders were found to be a major issue for security teams to reckon with, stressing that enterprises’ cyber security awareness programs need to keep pace with the changing landscape and provide continued role-based training for all employees,” its authors explained.

About Lee Hazell

Lee Hazell is a cyber security consultant with a keen interest in anything tech or security related. Follow Lee on .

Leave a Reply

Your email address will not be published. Required fields are marked *