Silhouette of a man. Photo: Alexander Ryumin / TASS via Getty Images
Why it matters: Given "that most incidents are not reported, this number could easily exceed 350,000," Jeff Wilbur, director of the OTA initiative at the Internet Society writes.
More from the report:
- “This is more than 30 times the number of breaches alone, so provides a very different perspective on the threat landscape."
- “93% were avoidable.”
- The "rise in the number of incidents was primarily driven by a doubling in ransomware infections."
- But "there was growth in all facets, indicating that organizations must take a comprehensive view of their defenses.”
- “2017 marked another ‘worst year ever’ in data breaches and cyber incidents around the world,” Wilbur said in a statement.
- 1 new thing: Ransomware denial-of-service attacks (RDoS). In this operation, hackers threaten a DDoS attack unless a ransom is paid.
But, but, but: “With all the technology, it’s easy to forget that users are the most important gatekeepers to your systems and data. Equipping them to make good decisions and instilling a culture of security…(through mechanisms such as multi-factor authentication and limiting access levels appropriate to the role) and monitoring systems for anomalous behavior can go a long way toward securing your systems.”
The report analyzes threat intelligence data on data breaches, ransomware targeting, business email compromises, DDoS, and critical infrastructure hacks from Cybersecurity Ventures, the FBI, Malwarebytes, the Ponemon Institute, Proofpoint, Risk Based Security, Symantec, and Verizon.