Source: CSO Australia
03 Jul 2018

It’s human nature to pinpoint our focus on the most dramatic threats to our safety, ignoring the more probable hazards. It works the same way for cybersecurity as it does in our personal calculus of shark attacks vs. everyday clumsiness. If we spend too much time preparing for sophisticated zero-day attacks or being lulled to complacency by the assurances of a shiny new software solution, we tend to pull attention and time away from the cyber elements we know are most likely to protect or expose us. Malicious hackers’ relentless inventiveness and tactical sophistication has allowed a handful of malware families to continue infiltrating and damaging networks for an astonishingly long time. Still, evasive malware strategies aren’t entirely to blame for why the same vulnerabilities persist for years.

It’s the fundamentals that will be our undoing —but they could also be our saving grace. Verizon’s Data Breach Investigations Report highlighted this dynamic yet again in 2018.  A vast majority of breaches fall into the same nine patterns Verizon identified in 2014. Their calculations reveal that 94 percent of security incidents and 90 percent of data breaches continue to fall within one of these original patterns, including web applications, privilege misuse, point of sale, crimeware, and denial of service, and lost or stolen assets. Ransomware still holds the top spot for most common type of malware (used in more than half of incidents where specific malware found); command and control malware ranks a significant second (36 percent).

Read Full Article