One in four cyberattacks targets ordinary users
While the majority of cyberattacks are aimed at businesses and other organizations, an increasing number are targeting ordinary users, according to the latest report from Positive Technologies.
The most attractive targets were personal data (30 percent) and credentials (22 percent), especially for online banking. To steal this data, attackers compromised a wide range of websites, including web stores, ticket vendors, and hotel booking services.
A doubling of the number of attacks on cryptocurrencies in the second quarter saw attackers steal over $100 million in total. The share of attacks on web resources has also increased year-on-year (32 percent in Q2 2018 compared to 23 percent in Q2 2017). IoT devices were also hit by a larger percentage of attacks in comparison with Q1 and experts largely associate this increase with new botnets such as PyRoMineIoT, Muhstik, and Wicked Mirai.
Malware attacks decreased to 49 percent, compared to 63 percent in Q1. However, credential compromises jumped by 12 percent over the same period. Q2 also saw targeted attacks account for 54 percent of the total, outnumbering mass campaigns.
"Cyberattacks in Q2 victimized 765 million ordinary users to the tune of tens of millions of dollars," says Leigh-Anne Galloway, cyber security resilience lead at Positive Technologies. "Today, you can never be sure that criminals don't have your credit card number from one source or another. Even when you buy a brand-new smartphone in a store, you can still end up getting pre-installed malware. The upward trend in data theft will likely endure. Many companies fail to properly secure information, making it easy for even low-skilled hackers to steal customer data. Once stolen, this data is often sold on the darknet, as detailed in our report on the criminal cyberservices market."
You can read more about the report's findings on the Positive Technologies website.