Q1 Cyber Threats Report: Rapidly growing volume of Web security traffic reveals new threat trends

by Security Research & AnalysisWeb Security

The regular cadence of high-profile security breaches that we saw during 2014 continued into 2015, with health insurance giant Anthem providing the latest entry in a growing list of major corporate victims. We will not review the Anthem breach in our quarterly report as it has already been covered extensively in many other places, but CYREN does believe that this attack is important because it represents a shift in targeting by cyber criminals.

While we do not expect breaches involving credit card details to disappear, general identity theft offers a lucrative growth opportunity for the criminals. Throughout the first quarter of 2015, CYREN saw lower profile occurrences of identity theft that also targeted healthcare organizations – on both the provider and insurer sides of the industry. The most popular tactic used to create the breach is a phishing email that steals credentials from the recipients by appearing to be from a legitimate source or website, once again emphasizing the value of a Web security solution that can react to such threats in real-time.

The driver for this is clear: in the course of their everyday business, healthcare organizations accumulate large volumes of personal data, including highly-prized social security numbers. And as we revealed in the CYREN 2015 Security Yearbook, this type of data is worth ten times as much on the black market as credit card details, as it can be monetized by criminals in multiple ways.

Because of this, we expect these attacks to grow in frequency until healthcare organizations are able to harden their security practices enough to reduce the high ROI that the cyber criminals achieve from such campaigns. It should be noted though, that other enterprises that hold similar data will also suffer the same sort of attacks.

In our quarterly report, we provide comprehensive statistics on the threat landscape and take a deeper look at some techniques that the criminals are using to gain access to enterprise networks including:

• Web malware

• Email attachment – macro malware

• Breaches to Slack and HipChat social collaboration services

We hope that by covering these threats in more detail, readers of the report can arm themselves with the knowledge and tools to better protect their organization and its’ data from the cyber criminals.

Go back