
Hackers' Paradise - Easy Access...And Ransoms Paid

12 June 2018 | Updated 14 June 2018

One report says that, on average, one third of business decision makers would pay hackers' ransom demands, while another, the DNS Threat Report, shows European organisations suffer most from global network attacks.

A specialist in DNS security has revealed the European results of its 2018 DNS Threat Report. The research explored the technical causes and behavioural responses towards DNS-based threats and their potential effects on businesses across the world.

EfficientIP's report says that globally, 77% of organisations faced DNS attacks in the past year, with each attack costing European businesses an average of €734,000. Not securing DNS increases the risk of data loss, service downtime, compliance failure or compromised public image.

David Williamson, CEO of EfficientIP said: “New regulation made it necessary for every organisation to ensure the data they keep is secure. Surprisingly, our research shows European companies have invested the least globally in technology, which can prevent data theft. This could be a reason as to why the region had the most data stolen. In the year ahead, it will be interesting to see how European companies will prevent data theft and avoid regulatory fines.”


Europe vs Americas

DNS is the gateway to every corporate network and malicious actors are targeting it as a way to steal sensitive information. The research shows the average cost per DNS attack for European organizations has risen by 43% (to €734,000), much higher than their North American and Asia Pacific counterparts.

French firms had the highest cost per attack at €847,000 and the UK had the highest cost increase at 105% to €684,000. German companies have reduced the impact of DNS attacks over the last year, with an increase of only 15% this year.


Data theft

On average, European companies suffered the most data theft at 39%, higher than the global average at 33%. Nearly half of French organisations admitted to losing sensitive data (48%) and UK companies suffered the least in the region at 32%. A third of European companies had their websites compromised, with nearly half (48%) of Spanish organisations admitting to website downtime. A quarter (25%) of French companies suffered loss of business as a consequence of DNS attacks.


Attacks dent revenue, but cloud services are better protected

European organisations are more effective than their global peers at protecting their cloud services. On average, a third (34%) of European businesses suffered cloud downtime, lower than the global average at 40%. Within the region, France has the most cloud outages due to DNS attacks at 41%, whereas Germany was the lowest at 28%.


DNS-based malware most prevalent in Europe

The top five DNS-based attacks in Europe reflect the global top five, with DNS-based malware (39%) being the most popular attack faced in the region, followed by phishing at 34%, DNS DDoS attacks at 20%, DNS tunneling at 19% and domain lock-up at 18%. DNS-based malware was more prevalent than anywhere else in the world, with Germany facing the most attacks at 44%. Spanish organisations faced more DNS tunneling attacks at 24% than their European peers.


European businesses underinvest in keeping data confidential

DNS is recognised as a prime target for data exfiltration. Protecting the DNS requires monitoring and analysis of traffic to identify threats once they enter the corporate network. Conventional end-point and firewall technologies primarily focus on protecting the perimeter of every corporate network and are therefore redundant once the threat moves inside.

European companies prioritised investment in securing network endpoints (38%), followed by the monitoring and analysis of DNS traffic at 36% and firewalls at 20%.

Said Williamson: "It’s positive to see DNS investment move into the top three but more can be done in this area. Maybe that's why European organisations had the most data stolen within the last year."

Hackers' Paradise - Businesses Willing To Pay-up To Ransom Demands

On average, one third of business decision makers would pay hackers' ransom demands, says a fourth annual report looking at attitudes to risk and the value of information security.

1,800 respondents across 12 countries, including the UK, shared their views on the financial, business and reputational costs of a data breach, including estimated loss of revenue and the cost of recovery.

On average, one third of business decision makers would pay hackers' ransom demands rather than invest in more security, the NTT Security Risk Value Report revealed.

One third of global business decision makers report that their organisation would try to cut costs by considering paying a ransom demand from a hacker rather than invest in information security. In the UK, this figure drops to a fifth (21 per cent) of respondents. Another 30 per cent in the UK are not sure if they would pay or not, suggesting that only around half are prepared to invest in security to proactively protect the business.

C-level executives and other decision makers from non-IT functions in 12 countries across Europe, the US and APAC and from multiple industry sectors were surveyed.

The findings are particularly concerning, given the growth in ransomware (as identified in NTT Security’s Global Threat Intelligence Report, published in April). According to this report, ransomware attacks surged by 350 per cent in 2017, accounting for 29 per cent of all attacks in EMEA and 7 per cent of malware attacks worldwide.


Confidence levels unrealistic

Levels of confidence about being vulnerable to attack also seem unrealistic, according to the report. Forty-one per cent of respondents in the UK claim that their organisation has not been affected by a data breach, compared to 47 per cent globally. More realistically, of those in the UK, 10 per cent expect to suffer a breach, but nearly a third (31 per cent) do not expect to suffer a breach at all. More worrying is the 22 per cent of UK respondents who are not sure if they have suffered a breach or not.


Less of a risk than Brexit

Given that just 4 per cent of respondents in the UK see poor information security as the single greatest risk to the business, this is unsurprising. Notably, 14 per cent regard Brexit as the single greatest business risk, although competitors taking market share (24 per cent) and budget cuts (18 per cent) top the table.


Business impact and estimated costs of a breach

When considering the impact of a breach, UK respondents are most concerned about what a data breach will do to their image, with almost three-quarters (73 per cent) concerned about loss of customer confidence and damage to reputation (69 per cent), the highest figures for any country.

The estimated loss in terms of revenue is 9.72 per cent (compared to 10.29 per cent globally, up from 2017’s 9.95 per cent). Executives in Europe are more optimistic, expecting lower revenue losses than those in the US or APAC.

The estimated cost of recovery globally, on average, has increased to $1.52m, up from $1.35m in 2017, although UK estimates are lower at $1.33m this year. Globally, respondents anticipate it would take 57 days to recover from a breach, down from 74 days in 2017. However, in the UK, decision makers are more optimistic believing it would take just 47 days to recover, one of the lowest estimates for any country.


Confidence trick

Kai Grunwitz, Senior VP EMEA, NTT Security, comments: “We’re seeing almost unprecedented levels of confidence among our respondents to this year’s report, with almost half claiming they have never experienced a data breach. Some might call it naivety and perhaps suggests that many decision makers within organisations are simply not close enough to the action and are looking at one of the most serious issues within business today with an idealistic rather than realistic view.

“This is reinforced by that worrying statistic that more than a third globally would rather pay a ransom demand than invest in their cybersecurity, especially given the big hike in ransomware detections and headline-grabbing incidents like WannaCry. While it’s encouraging that many organisations are prepared to take a long-term, proactive stance, there are still signs that many are still prepared to take a short-term, reactive approach to security in order to drive down costs.”


Whose responsibility is security anyway?

According to the report, there is no clear consensus on who is responsible for day-to-day security, with 19 per cent of UK respondents saying the CIO is responsible, compared to 21 per cent for the CEO, 18 per cent for the CISO and 17 per cent for the IT director. Global figures are very similar.

One area of concern, however, is whether there are regular boardroom discussions about security, with 84 per cent of UK respondents agreeing that preventing a security attack should be a regular item on the Board’s agenda. Yet only around half (53 per cent) admit it is and a quarter don’t know.


How prepared are organisations?

UK respondents estimate that the operations department spent noticeably more of its budget on security (17.02 per cent) than the IT department did (12.94 per cent). This compares to the global figures of 17.84 per cent (operations) and 14.32 per cent (IT), on average.

Each year the NTT Security report shows that companies are still failing when it comes to communicating information security policies. An impressive 77 per cent in the UK (compared to 57 per cent globally) claim to have a policy in place, while 10 per cent (26 per cent globally) are working on one. While 85 per cent of UK respondents with a policy in place say this is actively communicated internally, less than a third (30 per cent) admit that employees are fully aware of it.


Incident reporting

In terms of incident response planning, the UK is the most well prepared with 63 per cent of respondents saying their organisation has already implemented a response plan, well above the global figure of 49 per cent, while 18 per cent are in the process. Just 1 per cent in the UK say they have no plans to implement an incident response plan.

“The UK is leading the pack when it comes to planning for a security breach or for non-compliance of information/data security regulations,” added Grunwitz. “Given that the GDPR has just come into force, this is encouraging. However, while the majority claim their information security and response plans are well communicated internally, it seems it’s only a minority who are ‘fully aware’ of them. This continues to be an area that businesses are failing on time and time again and needs to be addressed as a priority.”

Picture: On average, one third of business decision makers would pay hackers' ransom demands rather than invest in more security, the NTT Security Risk Value report revealed.


Article written by Brian Shillibeer | Published 12 June 2018

