Botnet-Powered IoT Devices Create New Avenues of Attack (Learn More)

The leading cybercrime trend this year is botnets powered by compromised Internet-of-Things (IoT) devices according to the new report by cyber threat intelligence provider SurfWatch Labs.

In 2016, the amount of data collected on service interruption rose 162% over the year prior due to cybercriminals’ use of massive distributed-denial-of-service (DDoS) attacks against a popular security blog as well as hosting and domain name providers.

Adam Meyer, chief security strategist, SurfWatch Labs
Adam Meyer, chief security strategist, SurfWatch Labs

Cybercrime incidents via the supply chain also spiked sharply this year. Threat data collected and evaluated by SurfWatch Labs shows that the percentage of cybercrime linked to third parties nearly doubled over the past year – and that only includes publicly disclosed breaches.

“The large-scale attacks we’ve seen this year highlight the ability of cybercriminals to continuously shift their tactics to weak links in the security chain,” said Adam Meyer, chief security strategist, SurfWatch Labs.

“Organizations’ cyber risks have increased due to the growing number of vulnerable devices, easy-to-guess and/or reused user credentials and supply chain cybersecurity weaknesses.”

“The interconnectivity of data, devices and vendors creates numerous avenues of attack for cybercriminals.”

(As business becomes more connected, the digital supply chain is increasingly being exploited by adversaries. Learn More, courtesy of SurfWatch Labs and YouTube)

SurfWatch Labs collected cyber event activity from thousands of open and Dark Web sources and categorized, normalized and measured the data for impact based on the CyberFact information model.

Additional highlights from the SurfWatch Labs Cyber Risk Report: Cybercrime Trends 2016 include:

  • Surge of compromised credentials:
    • The amount of publicly exposed user credentials grew significantly in 2016, including two of the largest breaches to-date at Yahoo and Adult Friend Finder.
    • SurfWatch Labs collected data on more than 1,100 organizations associated with the “credentials stolen/leaked” tag across both public and dark web sources over the past year, up from 828 in 2015.
  • Cybercrime tied to third parties:
    • Third-party cybercrime was the result of vendors directly exposing customer and employee data, malicious actors using third parties as an avenue into other organizations’ networks, and vulnerabilities in third-party products and source code being exploited.
  • Supply chain cyber-attacks highest in healthcare:
    • More targets tied to third-party cybercrime (vendors, partners, suppliers) were found in the healthcare facilities and services industry than any other.

“It’s clear that as organizations get better at closing the front doors to attacks, cybercriminals shift their tactics to find other ways in,” said Meyer.

“By using evaluated threat intelligence, we can understand what the bad guys are doing, and make better informed forecasts of how cybercrime will impact organizations, their supply chain and their industry – and ultimately determine the most effective methods for reducing cyber risk now and in the future.”

SurfWatch Labs logo

SurfWatch Labs helps organizations and service providers quickly establish a strategic cyber threat intelligence operation that drives more effective use of their tactical defenses.

Founded in 2013 by former US Government intelligence analysts, SurfWatch Labs solutions provide a 360-degree view of cyber threats in the context of your business, along with practical and personalized support to create immediate insights and meaningful action.

Combining useful analytics, applications and human expertise, SurfWatch solutions can be your off-the-shelf, cyber threat intelligence team or delivered as a comprehensive product suite that easily integrates with your existing cybersecurity operations.