Spooky Stats for National Cyber Security Awareness Month
The last day of Cyber Security Awareness Month is upon us, so let’s round up the month with some cybersecurity numbers from 2018 so far. October was dedicated to creating awareness of the importance of cybersecurity. Here are some statistics from the first three quarters of 2018 that would spook any security expert or business decision maker.
Spooky stats for 2018
The ITRC reported that as of September 5th, 2018, there were 865 total data breaches, with 34,174,633 records exposed.
Cybersecurity ventures reported that 90% of successful hacks and data breaches stemmed from phishing attacks.
In 2017 the average cost per ransomware attack to businesses was $133,000
Ransomware damage costs will rise to $11.5 billion in 219 and a business is expected to fall victim to a ransomware attack every 14 seconds.
A cybercrime report found that the 5 most cyber-attacked industries are:
- Financial services
New cyber-attack type in 2018
Let’s take a look at the latest attack type to surface in 2018, the VPN/IT router malware. According to the Cybercrime tactics and techniques report by Malwarebytes Labs, “The U.S. Justice Department linked the attack to Fancy Bear (APT 28), which is believed to be directed by Russia’s military intelligence agency and is linked to attacks against the German Parliament, Democratic National Convention (DNC), and the International Olympic Committee (IOC).”
This type of attack covertly monitors all traffic on the router’s network.
It serves the purpose of data exfiltration, man-in-the-middle attacks and destruction of infected devices.
Over 500,000 small-office and consumer grade routers and NAS devices were infected in 2018.
The attacks spanned over 50 countries.
This attack affected major brands such as:
- And TP-LINK
The FBI strongly urges all owners of routers to power-cycle the devices in an attempt to:
- Clear malicious code
- Disable remote management settings
- Secure the device with a strong/unique /new password
- Consider enabling encryption
- And install firmware updates
Power-cycling your router is not the same as resetting it. Here’s a quick video explaining the difference and teaching you how to power-cycle your own router.
Take our free training for data security and privacy
If you’re interested in learning how to protect yourself and your organization from phishing, ransomware, VPN/IT router attacks and more, check out our cybersecurity training courses. Data security and privacy is an increasingly important topic as cyber attacks continue to batter organizations. For Cyber Security Awareness Month we’re offering free Data Security and Privacy training. Cyber security awareness in your organization is the responsibility of every employee. Learn more about the training from the video below.
About CyberTraining 365
CyberTraining 365 is an online academy that offers nearly 1,000 hours of relevant and cutting-edge cybersecurity training. Our training provides the most in-demand industry certification prep courses including EC-Council, CompTIA, (ISC)2 and Cisco; all taught by leading cyber security experts. All of our offerings are aligned with the national initiative for cybersecurity education (NICE) and ensure the most up-to-date information for this constantly shifting field. With engaging content in a scenario-based format, CyberTraining 365 uses bite-sized micro-learning methodology ensures learners are not overwhelmed with information. On Demand, LMS platform has white-label capabilities ideal for internal training purposes.