Over 24 trillion security signals are analyzed every 24 hours offering a uniquely comprehensive view of the current state of security.
We’ve seen cybercrime evolve as a national security threat that’s driven largely by financial gain. Positively, transparency is increasing as more victims of cybercrime come forward to share their stories. Government cybersecurity efforts have also increased in response to cyberthreats.
Nation state threat actors have become more sophisticated and harder to detect, creating a threat to security that is replicated by other cybercriminals.
The Internet of Things (IoT), operational technology (OT), and supply ecosystems have been treated in isolation but to counter attacks, security needs to take a holistic approach. Multiple layers of defenses such as multifactor authentication can help maintain security.
In both the physical and digital worlds, the primary way criminals get in is through an unlocked door. Organizations that do not apply or maintain basic security hygiene like patching, applying updates, or turning on multifactor authentication will face much greater exposure to attacks, including ransomware or Distributed Denial of Service (DDoS).
Disinformation is being created and disseminated at increasing scale and speed.
Technology and cyber risk can’t be treated as something that only IT and security teams manage. Criminals seek to exploit any opportunity that exists, so while recovery solutions are imperative, it’s on all of us to seek out cybersecurity training and ensure our online safety.
Keep reading to see how the threat landscape and online safety has changed in a few short years.
Average prices of cybercrime services for sale. Attackers for hire start at $250 USD per job. Ransomware kits are $66 USD or 30% of the profit. Compromised devices start at 13 cents per PC and 82 cents per mobile device. Spear phishing for hire ranges from $100 to $1,000 USD. Stolen username and password pairs begin at 97 cents per 1000 on average.
The most targeted countries between July 2020 and June 2021 were the United States (46%), Ukraine (19%), and the United Kingdom (9%).
The most targeted sectors between July 2020 and June 2021 were Government (48%) and NGOs and Think Tanks (31%).
The most active nation state activity groups between July 2020 and June 2021 were NOBELIUM (59%), THALLIUM (16%), and PHOSPHORUS (9%).
There was a sharp decline in Microsoft employees scanning their badges for building entry in March of 2020, from around 100,000 per day to less than 10,000. The number is gradually increasing again as Microsoft moves to a hybrid work environment.
Protect against 98% of attacks by utilizing antimalware, applying least privilege access, enabling multifactor authentication, keeping versions up to date, and protecting data. The remaining 2% of the bell curve includes outlier attacks.