Key Findings: Secureworks State of Cybercrime Report 2018
This morning, Secureworks Counter Threat Unit released their State of Cybercrime Report 2018. This report outlines the current digital threats and hacking tactics plaguing enterprises today. Additionally, the report explores the evolution of cybercriminals and their marketplaces.
The Secureworks State of Cybercrime Report 2018 details the behavior of Dark Web criminals and the extensive security efforts the most experienced hackers take to avoid detection by law enforcement—both as individuals and for their illegal online marketplaces.
However, perhaps their most critical statement by the report is the usual cybersecurity tactic of combating known digital threats will always give cybercriminals have the upper hand against enterprises. The reason is simple: enterprises following these practices are always on the defensive, and thus always caught on the backfoot.
Other key findings from the Secureworks State of Cybercrime Report 2018 include:
- Cryptocurrency mining malware is still a popular attack tactic, despite Bitcoin and Monero’s decreasing in value in 2018.
- There has been no significant decrease in other attack tactics such as ransomware and point-of-sale memory scrapers.
- At least one-third of enterprises experienced a cryptocurrency mining attack in 2017.
- Spam is still a leading attack vector for hackers to access individual identities and systems.
- Exploitative use of Java and Flash has declined, as has infections via web exploit kits.
- Business email compromise and business email spoofing have accounted for $12.5 billion between October 2013 and May 2018.
- Cybercriminal gangs have combined advanced social engineering and network intrusion techniques with POS malware to steal millions.
- A small subset of professional hackers and digital criminals are responsible for the bulk of cybercrime damage.
- The line between nation-state and cybercriminal is blurring.
The Secureworks Counter Threat Unit analyzed response outcomes and conducted research from July 2017 and June 2018. They researched 4,400 enterprises. You can read the full Secureworks State of Cybercrime Report 2018 here.