The Cloud and Politics Are Growing Attack Triggers
The U.S. has become the global capital of cyber-crime, partially because it is home to a huge chunk of the cloud. Another trigger is America's political scene.
Attack Central
A whopping 63% of attacks that occurred in 2016 originated from IP addresses within the U.S. The country that originated the second most attacks was the U.K., with just 4%.
Government Risk Is Rising
The government sector joined finance at the top of the list of targeted industries, with 14% of all detected attacks victimizing each of those sectors. Manufacturing firms were targeted in 13% of attacks.
Suspicious Activity Dominates
30% of all attacks were categorized as "suspicious activity," such as privileged access attempts, exploitation software and policy denials on security controls. Next on the hit list were Web apps, which accounted for 16% of attacks.
Ongoing Challenge
47% of detected vulnerabilities are more than 3 years old, indicating that patch management remains a significant challenge.
New Vulnerabilities
Conversely, the 14 new vulnerabilities discovered during 2016 marked the smallest number since 2012.
More Planning Needed
The number of organizations with formal incident response plans rose from 21% to 32%, but that means 68% of companies still have no formal plan in place.
Malware, Ransomware in Command
Malware commanded 41% of all incident response engagements during 2016—more than double the 19% it generated in 2015. More than half of those engagements were tied to ransomware.
Incident Response
59% of all incident response engagements occurred in four industries: healthcare (17%), financial services (16%), professional services (14%) and retail/wholesale (12%).
Searching for IoT Devices
66% of all internet-of-things attacks were attempts to discover specific IoT devices, such as a particular model of video camera.
Four Growing Threats
- Phishing/social engineering/ransomware
- Business email compromises
- IoT and DDoS attacks
- Attacks targeting end users
Dominating the cloud and the world's political discourse apparently comes with a price. As the country that serves as the predominant location of cloud-hosted infrastructure globally, the United States has also become the epicenter of cyber-crime. An analysis of the "2017 Global Threat Intelligence Report" by NTT subsidiary Dimension Data found that the overwhelming majority of cyber-attacks originate from U.S.-based IP addresses, and that many of those attacks rely on public cloud assets as their launching points.

And that's not all: The white-hot political climate in the U.S., fueled by last year's bitter election and the initial claims of Russia's meddling in the election results, also helped make the government sector one of the biggest and fastest-growing targets. "Governments all over the world are constantly under the threat of sophisticated attacks launched by rival nation-states, terrorist groups, hacktivists and cyber-criminals," said Matthew Gyde, Dimension Data's group executive of security. "That's because government agencies hold vast amounts of sensitive information—from personnel records, budgetary data and sensitive communications to intelligence findings."

The data behind the report was collected from the networks of 10,000 NTT clients across five continents, including 3.5 trillion security logs, 6.2 billion attempted attacks, and global honeypots and sandboxes located in more than 100 countries.