According to reports, at least eighty five percent of all organizations have experienced phishing andsocial engineering attacks. This clearly indicates a sixteen percent rise in phishing and social engineering,solely in the year 2019. Other popular forms of cyberattacks include ransomware and supply chainattacks. Although cybercrime is at its all-time high, there have been several cybercrime attempts thatorganizations have foiled with the help of cybersecurity firms. These firms make use of ethical hackersand security experts to offer both preventive as well as damage control support. While preventivemeasures include penetration tests that nail down existing vulnerabilities, damage control includesretrieval of encrypted data.
The year 2019 has been an eventful journey with cybercriminals devising more and more creative cyberattack strategies. The victims of these attacks include government agencies, healthcare, educationalinstitutions, small to mid-sized businesses and professionals. As most larger businesses have adoptedsound cybersecurity measures, the cybercriminals were probably left with no choice but to target thegovernment agencies and mid-sized businesses. With so much going on in the cybercrime arena, youmay have definitely missed out on some of the action. To help you make up for that, we have compileda comprehensive cybercrime report for the year 2019.Ransomware Attacks on Government Agencies
With the series of indictments against those involved in ransomware attacks, one may have assumedthat these attacks may have declined. However, that is far from the truth as this form of cyberattackcontinues to be the most prevalent, and has increased by at least sixty percent. The public-sectoragencies, schools, colleges, religious organizations, and mid-sized professional organizations such as lawand accounting firms have been the key victims in 2019.The main malware used to launch cyberattacks in 2019 include GandCrab, Ryuk, Dharma variants, Rapid,and Phobos. Close to two-thirds of all cyberattacks have reportedly been launched against USgovernment agencies. While some have resisted paying a ransom, most of them went for it probablybecause it was more economic. Thats something they probably learned from the City of Atlanta, whichended up spending $2.6 million to restore their systems. Now thats quite high against the $52,000 thatthey could have paid in Bitcoin, as ransom.
Other municipalities that have been a victim of ransomware attacks include theCity of Louisiana whichwas hit by Ryuk malware, Pensacola, and several others. As the year is about to end,New Orleans seemsto be struggling to find its way out of a cyberattack. On the other hand, the UK Government seems to bedoing pretty well in the cybersecurity arena by issuing prompt alerts.Evilcorp Russian Cyber Attackers involved in Phishing Unveiled
However, indictments have been issued against the two Russian cybercriminals who were allegedlyinvolved in this crime. The indictment was preceded by a rigorous 2-year investigation that was carriedout by the concerned authorities in the US and the UK. This Russian cyberattack caused losses of over ahundred million US dollars in 2019, by deploying Dridex, a Bugat malware. This money was then movedaround by money launderers and eventually transferred to Evilcorp, which was operated and managedby the two Russians.
The year 2019 chronicles a record-high in financial cyber crimes such as phishing, and we simply couldnot avoid mentioning it in our cybercrime report 2019. From search results hijacking to using fake loginpages, theres no tactic that these criminals have spared. The worst of all phishing attacks has been theRussian cyberattack through a company called Evilcorp, operated by two Russians. One out of these twowas a former employee of the Russian Intelligence, which indicates the possibility of a cyber global war.
The US authorities have declared a whopping $5 million reward (the highest ever for a cybercriminal) foranyone who can provide useful information about the two Russians. Although that may seem a little toohigh, it isnt much considering the fact that one out of the two cybercriminals caused additional losses ofseventy million US dollars in a previous phishing attack. This previous cyberattack deployed a malwarecalled Zeus.Supply Chain Attacks in 2019
According to sources, supply chain attacks increased by 78 percent in 2017 and 2018 and this year wasno different. The most noteworthy supply chain incident in 2019 includes tortoise shell. Besides that,there have been close to 4700 attempts made in this direction and if you run a business then its time toadopt preventive measures. The only way to prevent supply chain attacks is by ensuring that all yourassociates, business partners, traders, contractors and everyone else meets certain security measures.Cyber attacks in 2020 The road ahead
After intensive research, our cybercrime report 2019 concludes that there is going to be a possibleincrease in phishing and ransomware attacks in 2020. So, we would like to emphasize the need to bemore careful about the attachments that you download on your computers, phones and other devices.In the year 2020, we expect ransomware attacks to continue victimizing the government sector,healthcare, and mid-sized businesses. While supply chain attacks would continue to target softwarecompanies involved in providing services to the larger ones. The only way to counter these cyberattacksis by maintaining regular backups and implementing strong security measures.As most cyberattacks are directed towards organizations, we understand how difficult it is to monitor alarge number of employees and the attachments that they download. After all, it takes just onemalicious attachment to breach the security of an entire organization.
So, we recommend that you consider investing in cybersecurity insurance that offers wide coverage.Also, organizations must hire the services of cybersecurity firms to identify vulnerabilities and to fixthem. There are several European cybersecurity firms that you can hire to run regular penetration testsand plan necessary security measures. As a responsible financial intermediary, Small World prides itselffor complying with the security protocols laid down by PSD2 and other advanced security measures.