Positive Technologies report: social engineering is used in every third attack

According to experts, the number of reports of personal data leaks continued to grow in Q4 2018, and social engineering was found to be used in one in three attacks.

Reports of personal data leaks keep increasing. Positive Technologies’ experts anticipate that the introduction of the General Data Protection Regulation (GDPR), which sets rules for protecting the personal data of EU citizens, may contribute to this trend. Prompted by news of the first fines and notices, companies will inform clients of cyberattacks instead of staying silent as in the past.

According to Positive Technologies’ report Cyber Security threatscape Q4 2018, 48 percent of attacks were intended to obtain data, with hackers using malware in half of them. In many cases (28 percent of attacks), attackers targeted credentials such as usernames and passwords. These credentials were used for different services and systems, including corporate email.

The percentage of targeted attacks also continued to grow, reaching 62 percent. Attackers are increasingly turning to individualized approaches against corporate targets, while home users are being hit by mass malware infections. One third of attacks on individuals were aimed at data theft. Attackers focused on credentials, which were the target in 60 percent of cases.

The share of incidents aimed at direct financial profit grew by 6 percent quarter-over-quarter.

"Social engineering featured in nearly one in three attacks in Q4. Criminals routinely operate finely honed phishing schemes against company employees in targeted attacks," says Leigh-Anne Galloway, cyber security resilience lead at Positive Technologies. "Marketing emails often contain buttons that invite the user to visit a website. But before clicking a button, it is important to check the identity of the message sender and the destination of the link."

Q4 2018 was marked by a large number of cyberattacks involving injection of malicious scripts into the code of vulnerable sites. This technique particularly threatens government sites responsible for handling municipal payments, since they are poorly protected.

"Governments are riding the digital wave and moving payments online," explains Leigh-Anne Galloway. "But ease and convenience come at the price of cybercrime-related risks. Thus, the Click2Gov online payment portal, responsible for accepting parking, utility, and other municipal payments in the U.S., was hit by attacks in 2018. News of vulnerabilities in this payment service, as well as recommendations for addressing them, were made public in 2017. But judging by repeated attacks, the organizations using this system have failed to keep up with security developments and take adequate protective measures.”