Last year, in an effort to help with the ongoing struggle of increasing security awareness, we put together a collection of Security Statistics compiled from notable security sources from across the globe. With a rise in global data breaches and ransomware attacks occurring in 2018, IT professionals continue to struggle with obtaining the budget and resources required to keep their business safe from data thieves and other cyber threats. If you are looking to convince the higher ups in your organization about the importance of proper security prevention, then information is truly power. Below are six Security Facts from 2018 that can help you put the fear of god into some rule breaking employees, scare executives into buying into a proper security budget, and remind everyone, everywhere on what poor security habits can do.
Security Fact #1: In 2018, Under Armor reported that its “My Fitness Pal” was hacked, affecting 150 million users. (Under Armor)
Notable data breaches such as the recent Facebook data leak may dominate the news, yet many other hacks and important security facts have occurred in 2018 that seem to slide away from the news cycle quickly, even though your data may still be exposed. In March, Under Armour admitted that around 150 million users of their popular MyFitnessPal app were hacked earlier in the year. During the breach, an unauthorized person was able to retrieve passwords, usernames, and email addresses on all of the uncovered accounts, however, payment information and social security numbers where not exposed.
This hack is notable for its size and other possible consequences. With passwords and email addresses, hackers could potentially attempt to access other accounts, such as banking or other financial services using the same credentials. Since many people ignore password best practices and use the same password for multiple sites, it is extremely likely that this hack led to other, more sensitive information being exposed.
Security Fact #2: In 2017, 147.9 million consumers were affected by the Equifax Breach. (Equifax)
The Equifax breach last year was a huge and notable news story due to the nature of the breach and the type of information that was stolen. Extremely private information, such as social security numbers, were stolen for over 147 million people, all due to the company’s inability to properly secure their systems. For the average company, a breach of this nature would be nearly impossible to recover from due to the reputation and financial consequences.
Security Fact #3: Ransomware is down, Cryptomining is up (Kaspersky)
Ransomware dominated 2017 and continued to annoy businesses in 2018, however, according to Kaspersky, Ransomware has actually fallen nearly 30% over the past 12 months. Due to a rise in increased security awareness regarding ransomware attack methods, hackers have found it harder to make a solid profit by locking up files and demanding coin, and instead they have shifted to the more secretive world of cyptomining.
Cryptomining involves hackers installing cypto-currency mining software on servers and computers of unsuspecting victims. This attack method can be more profitable than ransomware as it can operate undetected for a long time, while ransomware does not guarantee that the victim will fork over the requested dough.
Security Fact# 4 Organizations were able to identify data breaches on average within 191 days (Ponemon Institute)
Surprising, this is actually one of the few positive security facts since in 2016, the average was 201 days. Undiscovered data breaches are a massive concern for every business, which has increased the importance of intrusion detection tools and other discovery methods for revealing ongoing data breaches.
Conclusion
Having C-level discussions on the importance of information security isn’t always easy, but it is critical for IT leaders to continue building business cases using security facts to help obtain proper security resources. In general, it’s easy to pay a little now, that a lot when it is already too late.