Lessons learned? A look back at five cyber-security trends of 2015

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.scmagazineuk.com/lessons-learned-a-look-back-at-five-cyber-security-trends-of-2015/article/461033/

> From Ashley Madison and Anthem, to TalkTalk and Carphone Warehouse, many of
the cyber-attacks last year were large scale, high profile and extremely
damaging to the companies involved, not least from a reputational
perspective. As a result, we've seen cyber-attacks and other security
issues receiving far more attention globally last year, both in the
newsroom and at government level. Below are five conclusions that can be
drawn regarding emerging trends in the cyber-security landscape.

1. There has been a major increase in state-sponsored and nationalist
cyber-attacks

2015 saw more than its fair share of highly targeted state sponsored cyber
attacks, with China and Russia two of the major perpetrators, amongst
others. It's widely believed that many of the US healthcare attacks to
occur in 2015 were the work of Chinese espionage, particularly the attacks
on Anthem (up to 70 million members affected) and Premera (up to 11 million
records exposed). In fact, with so many attacks attributed to China this
year, many experts believe that Chinese hackers are compiling profiles of
millions of US citizens, particularly intelligence agents. It was recently
announced that President Obama and Chinese President Xi Jinping have come
to an agreement to end cyber-attacks between their two countries. However,
if recent discoveries - most notably Operation Iron Tiger and the 3102
malware attacks on US Government and the EU Media - are any indication, a
true cyber-ceasefire for state-sponsored hacking may be a long way off.

Closer to home, George Osborne recently announced that the UK is set to
double UK funding to fight cyber-crime to £1.9 billion over five years.
This is in response to growing evidence that nationalist militants in the
Middle East are trying to develop the ability to launch deadly
cyber-attacks on UK infrastructure including hospitals and airports, from
anywhere in the world.

2. Cyber-attackers continue to increase in reach and creativity

Forget the “sophisticated attacks” you keep seeing in headlines. While
attacks are without a doubt growing in sophistication, 2015 has seen many
using the same old tactics, but in more creative ways. Social engineering
attacks such as spear-phishing have become more targeted and resourceful
than ever before, relying on crafty cyber-sleuthing and other tricks to
make their efforts even more effective. For instance, many victims of the
recent TalkTalk data breach (157,000 customer records breached) claim to
have been targeted by very sophisticated phishing attacks, some occurring
even before the breach was reported in the media. In one case, the
perpetrators were able to slow down the victim's internet connection before
contacting him under the guise of TalkTalk's technical support team. They
then used the personal details stolen in the breach to try and extract
payment details from the target over the phone.

3. The insider threat continues to be a major concern for businesses of all
sizes

Data security breaches can be devastating in terms of cost and reputation
so efforts are rightly directed at protecting the perimeter of an
organisation's IT systems from unauthorised intruders. The threat from
within, however, is harder to guard against.

It has been widely reported that breaches such as Ashley Madison (37
million records stolen) and Morrison's (100,000 staff records leaked) were
both perpetrated by insider threats. However, spotting security threats
from within can be incredibly difficult because the attacker often has
legitimate access to the data they steal.

Alongside enabling innovation and productivity, every company has to deal
with this growing issue. Despite this, of the 770 businesses polled in a
recent survey by the SANS Institute, 32 percent had no systems in place to
protect against insider attacks, around half struggled to estimate the
damage from such an attack, while 44 percent didn't know how much they
spent on preventing insider threats. Clearly this needs to change during
2016.

4. The healthcare industry is fast becoming the top target for
cyber-criminals

The healthcare sector solidified its place as the favourite target for
cyber-criminals in 2015, particularly in the US. In fact, recent research
found that the healthcare industry sees 340 percent more security incidents
than other industries. The same study also found that healthcare firms are
200 percent more likely to lose data in security incidents and 400 percent
more likely to fall victim to advanced malware. These figures are
reflective of the state of cyber-security in the healthcare industry; given
healthcare firms' lack of IT funding and other security resources, it makes
sense that healthcare data continues to be low hanging fruit for attackers.
Last year's mega breaches in healthcare tell the tale here, with the top
five globally – Anthem, Premera, Community Health Systems, Carefirst, and
Systema – totalling just shy of 100 million records lost.

5. Cyber-security has gone mainstream

This is a trend that has been growing over the past few years, but there's
no question that cyber-security made it to the forefront of mainstream -
and arguably achieved pop culture focus - in 2015. From record-breaking
attendance at conferences such as RSA, InfoSecurity and Black Hat to the
tabloid-like media frenzy following the Ashley Madison and TalkTalk data
breaches, cyber-security is “in.” We can only hope that this heightened
attention spills over to improved cyber-legislation and prioritisation of
security in the private sector.

Many of these trends have been developing slowly for several years, but
2015 is when they truly came to the fore. What they show us is that
cyber-security will only grow in importance as the world we live in becomes
increasingly connected and reliant on technology. However, by learning from
breaches such as those at TalkTalk, Ashley Maddison, Morrison's, Carphone
Warehouse, Anthem, Premera and many more, businesses and organisations can
take steps that will prevent them from being a next global security
headline in 2016.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Need access to data breach details or alerts when new breaches happen? Risk Based Security's Cyber Risk Analytics 
portal, fueled by the RBS breach research team, provides detailed information on how data breaches occur and which 
vendors to trust. Contact us today for a demo.