Data Breaches Cost $654 Billion in 2018

Data Breaches Cost $654 Billion in 2018

Cybercriminals exposed 2.8 billion consumer data records in 2018, costing more than $654 billion to U.S. organizations.
Data from ForgeRock found that cyberattacks to U.S. financial services organizations cost the industry more than $6.2 billion in Q1 2019 alone, up from just $8 million in Q1 2018. Even though investments in information security products and services have been on the rise, with $114 billion invested in 2018, cybercriminals continue to attack organizations across a wide spectrum of industries to gain access to valuable consumer data.According to the research, personally identifiable information (PII) was the most targeted data for breaches in 2018, comprising 97 percent of all breaches. By targeting PII, cybercriminals prove that they’re hungry for consumer data and the research also found the most frequent attack method was from unauthorized access, encompassing 34 percent of all attacks. Healthcare, financial services and government were the sectors most largely impacted by cyberattacks.

“It’s clear from our research findings that consumer data is valuable and highly sought after by cybercriminals as well as very difficult for organizations to protect,” said Eve Maler, VP of Innovation and Emerging Technology of ForgeRock. “Organizations can protect consumer data by implementing a strong customer identity management program. Every industry has incentives to avoid brand damage and costly breaches, and so organizations must use modern techniques of identity and access management to secure their infrastructure, from servers in the data center to client applications and smart devices at the edge.”

The report also found:

  • Almost half (48 percent) of all consumer data breaches happened in the healthcare sector, four times as many in any other sector.
  • Financial services and government were the second and third most victimized industries, collectively comprising 20 percent of all breaches.
  • Although the number of breach incidents in financial services was down 20 percent in Q1 2019, compared to Q1 2018, more than 26.9 million consumer records were compromised in the Q1 2019 breaches alone, which is a 78,900 percent increase over Q1 2018.
  • Date of birth and/or Social Security Numbers were the most frequently compromised type of PII in 2018, with 54 percent of breaches exposing this data.
  • Name and physical address (49 percent) and personal health information (46 percent) were the second and third most commonly compromised type of PII in 2018.

Source: Data Breaches Cost $654 Billion in 2018

Identity Theft and Cyber-Fraud in the UK Hit All-time High

Identity Theft and Cyber-Fraud in the UK Hit All-time High

In 2017 the risk of fraud continued to evolve and intensify in the UK; identity fraud hit a new all-time high and cyber-enabled fraud accounted for an even greater proportion of the growing problem, according to the 2019 Fraudscape report.

In 2017 more than 305,000 instances of fraudulent conduct were recorded to the National Fraud Database:

  • Identity fraud continued to rise, hitting an all-time high of 174,523 cases in 2017 (up one percent from 2016). 95 percent of these cases involved the impersonation of an innocent victim.
  • Eight out of 10 fraudulent applications were made online.
  • There was a 27 percent increase in 14-24 year olds becoming ‘money mules’.
  • Overall bank accounts identified as being used as ‘mule’ accounts were up by 11 percent.
  • More than a third of bank account takeover victims were over 60-years-old.
  • Organizations successfully prevented over $1.6 billion in fraud losses through non-competitive data sharing.

This ‘retargeting’ by identity fraudsters can be seen as a shift towards more accessible products, such as mobile phone contracts, online retail accounts, retail credit loans and short-term loans.

Source: Identity Theft and Cyber-Fraud in the UK Hit All-time High

Ransomware is the Biggest Threat for Small to Medium Businesses

Ransomware is the Biggest Threat for Small to Medium Businesses

Eighty-six percent Small to Medium Business (SMB) clients were recently victimized by ransomware and 21 percent report six or more SMB attacks in the first half of 2017 alone, according to Datto’s State of the Channel Ransomware Report.

Key findings from the ransomware report include:

  • An estimated five percent of global SMBs fell victim to a ransomware attack from 2016 to 2017. According to 97 percent of managed service providers (MSPs), ransomware attacks are more frequent in 2017.
  • According to 99 percent of MSPs, the frequency of SMB targeted attacks will continue to increase over the next two years.
  • Less than one in three ransomware attacks are reported by SMB victims to the authorities, a marked improvement from one in four incidents reported in 2016. Additionally, 35 percent report SMBs paid the ransom, down from 41 percent in 2016. The total cost of ransom paid to ransomware hackers in 2017 is $301M. Of those victims that pay up, 15 percent still never recover the data.
  • As a result of a ransomware attack, 75 percent of MSPs report clients experienced business-threatening downtime. Nearly 30 percent of MSPs report a ransomware virus remained on an SMB’s system after the first attack and struck again at a later time. One in three MSPs report ransomware encrypted an SMB’s backup, making recovery even more complex.
  • Nearly 85 percent of MSPs who’ve dealt with ransomware report seeing CryptoLocker. Additional common variants include CryptoWall, Locky and WannaCry, which is a new addition to the list.
  • Among those industry verticals who are targeted most by ransomware attacks are Construction, Manufacturing and Professional Services. SaaS applications continue to be a growing target for ransomware attacks with Dropbox, Office 365 and G Suite most at risk. Mobile and tablet attacks are also on the rise.
  • While 90 percent of MSP respondents cited they are “highly concerned” about the business threat of ransomware, only 38 percent of SMB clients felt the same. This could be due to the lack of mandatory cybersecurity training across SMBs, which MSPs cite as the leading cause of ransomware infections.

Source: Ransomware is the Biggest Threat for Small to Medium Businesses

Endpoint Security Tools Eventually Fail, Says Report

Endpoint Security Tools Eventually Fail, Says Report

Studying millions of devices, agents, and apps, uncovered that 42 percent of all endpoints are unprotected at any given time, says the 2019 Endpoint Security Trends report.

Two percent of endpoint agents fail per week, meaning 100 percent of endpoint security tools eventually fail.

Additional findings include:

  • 70 percent of breaches originated at the endpoint.
  • 35 percent of breaches are caused by existing vulnerabilities.
  • 28 percent of endpoints are unprotected at any given point in a year.
  • 21 percent of endpoints are with outdated antivirus/anti-malware.
  • Seven percent of endpoints are missing protection.
  • More than 42 percent of endpoints experienced encryption failures.
  • Client management and patching tools break reliably and predictably: 19 percent of endpoints require at least one client/patch management repair monthly.
  • Patch and client management agents are often repeat offenders: of those patching agents requiring repair, 75 percent reported at least two repair events and 50 percent reported three or more repair events. Five percent could be considered to be chronically ill, with 80 or more repair events in the same one-month period.

Source: Endpoint Security Tools Eventually Fail, Says Report

Discovery could lead to better maternal vaccines

Discovery could lead to better maternal vaccines

(Credit: Getty Images)

A newly identified cellular process could lead to safer and more effective vaccines that protect pregnant women and newborns from dangerous infections, researchers say. A new study in Cell describes a previously unidentified route for antibodies to transfer from the mother to the fetus, illuminating a potential way to capitalize on the process to control when and how certain antibodies are shared.

“It’s always been assumed that the types of maternal antibodies that cross over the placenta to the fetus, all antibodies had the same chance of transferring to fetus,” says senior author Sallie Permar, a professor of pediatrics and member of the Duke University Human Vaccine Institute.

“This meant there was no way we could direct certain antibodies across the placenta and to the baby,” Permar says. “Our study found that there seems to be a code on the antibody that determines which antibodies will more effectively transfer across the placenta.”

Permar and colleagues studied two populations of pregnant women in the United States and Malawi infected with HIV, known to inhibit the transfer of antibodies to the fetus—and not just HIV antibodies. The researchers say this feature provided a unique circumstance to explore a little-understood process with implications for numerous common pathogens, including tetanus, pertussis, influenza, and others.

The researchers identified a sugar molecule that interacts with placental receptors, an interaction that had previously not been known to be involved in the antibody transfer process. The finding was corroborated in healthy women by another research team publishing in the same issue of Cell.

“We have shown that the efficiency of antibody transfer across the placenta is differentially regulated,” Permar says. “This insight could improve the design of vaccines for a variety of infectious diseases to improve the transplacental antibody transfer to the fetus.”

“Our findings provide a roadmap of how antibodies cross the placenta to the baby,” says lead author David Martinez, a PhD student. “We hope our results will be useful for developing antibody therapeutics that protect infants against infectious diseases in early life.”

The National Institute of Child Health and Human Development and the National Institute of Allergy and Infectious Diseases partially funded the work.

Source: Duke University

The post Discovery could lead to better maternal vaccines appeared first on Futurity.

Source: Discovery could lead to better maternal vaccines