2016 may have been “The Year of the Fileless Attack” and 2017 may have been “The Year of Ransomware”. 2018 was, in many respects, “The Year of the Next-Gen Cyberattack.”
Over the past year, the industry saw several high-profile, global-scale cyberattacks. Singapore witnessed its greatest data breach yet, with the SingHealth attack compromising the personal data of 1.5 million patients.
Billions of other personal records were stolen in 2018, unearthed in breaches that successfully targeted household names in government, technology, healthcare, travel and hospitality. Compounding the problem has been increased geopolitical tension between western democracies and countries like Russia, China and North Korea.
According to Carbon Black’s threat research, we believe 2019 promises to be a year where endpoint visibility becomes more paramount than ever as attackers continue to evolve and global tensions increase. To better understand the current attack landscape as we head into 2019, the Carbon Black Threat Analysis Unit (TAU) researched the current state of cyberattacks across the Carbon Black customer base and in conjunction with our incident response (IR) partners to produce all of the content enclosed in this report.
Key Report Stats
The average endpoint protected by Carbon Black was targeted by two cyberattacks per month throughout 2018. At this rate, an organization with 10,000 endpoints is estimated to see more than 660 attempted cyberattacks per day. Across the Carbon Black customer footprint (totalling approximately 15,000,000 global endpoints) this means there are, on average, 1 million attempted cyberattacks per day.
The top five industries targeted by cyberattacks in 2018, according to Carbon Black’s global threat data were: Computers/Electronics, Healthcare, Business Services, Software/Internet and Manufacturing.
As 2018 came to a close, China and Russia were responsible for nearly half of all cyber attacks. Of 113 investigations our IR partners conducted in the third quarter, 47 stemmed from those two countries alone.
Approximately $1.8 billion of cryptocurrency-related thefts occurred in 2018. To determine this number, we evaluated open-source reporting and dark web marketplaces to identify and quantify the largest threats posed from cryptocurrency-related crimes. During this process, we found almost $1.8 billion in losses throughout 2018.
To quantify this figure and put in perspective how far cybercrime has evolved, we looked at the data from the Singapore Police Force’s Mid-Year Crime Statistics for January to June 2017, which reported over $40 million in victim losses from total internet crime in Singapore.
The report also includes specific threat intelligence information from Carbon Black threat
researchers on some ubiquitous attack methods including: the Emotet banking trojan, Monero cryptomining attacks and ransomware that leverages open-source tools.