Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Threat landscape changes as destruction of service attacks increase

Samira Sarraf | July 25, 2017
Destruction of service (DeOS) attack could be the next play for cyber criminals.


Credit: Albert Gea

A more effective cyber threat dubbed DeOS, or destruction of service, has been revealed in Cisco’s 2017 Midyear Cybersecurity Report.

According to the networking giant, cyber threats are evolving rapidly that even with revenue generation as the attacker’s main goal, destroying organisations data could be the next trend.

Findings show that organisations are growing aware of the need for back-ups, which has already saved companies from losing data and millions of dollars due to being unable to operate following a cyber attack.

But attackers could be preparing to not stop at encryption but access and destroy organisations’ back-ups, with businesses set to become more vulnerable as they are forced to pay more and more often for ransomware attacks.

One big enabler to this could be the Internet of Things (IoT) and all the unprotected devices it brings into networks.

Cisco’s report also flagged that the shortage of trained in-house personnel is making organisations turn to service providers to bridge the knowledge and talent gaps.

In Australia, 65 per cent of small to medium sized businesses (SMBs) use outsourced incident response services, while 63 per cent use it for advice and consulting. Meanwhile, the “alert fatigue”, caused by more alerts than the security professionals can action, is another issue organisations are facing.

Across the country, SMBs investigate 55 per cent of alerts received, and of those, only 27 per cent turn out to be legitimate incidents with 40 per cent being remediated.

With Australian enterprises it is very similar, with 60 per cent of total threats being investigated - 28 per cent turn out to be legitimate incidents with 46 per cent being remediated.

At a national level, Scamwatch - run by the Australian Competition and Consumer Commission (ACCC) - has registered a total loss of $103,000 due to malware and ransomware attacks in 2017 so far.

Security scams have cost Australians over $950,000 in 2017, with hacking, phishing and ransomware attacks the preferred weapons of choice for cyber criminals.

More than 3,000 hacking complaints were registered by Scamwatch, while more than 60 per cent were delivered over the phone and 25 per cent was delivered via email or internet.

The Cadbury factory in Hobart has been one of Australia’s latest victims of a large scale ransomware attack, with the breach taking place just over a month after WannaCry hit the UK National Health Service, affecting Australian companies and forcing the IT channel to take quick action to save customers from financial losses.

 

Sign up for CIO Asia eNewsletters.