By Liran Tzah
In Q3 of 2016, Cytegic’s Dynamic Trend Analysis (DyTA) platform validated most of its forecasts from the H1, 2016 Intelligence report. Our Q3 report depicts clear indicators of increased cyber-activity surrounding the US Presidential Campaign with aggressive activity coming from Russia. Personally Identifiable Information (PII) still remains the most targeted asset in North America, while Ransomware continues to aggressively increase.
Here are some of the top trends and patterns that we identified throughout Q3 of 2016:
- Financial hackers were the most active attackers in our findings. When combined with the activity of all politically motivated attackers, their overall attacks exceeded a staggering 40% of cyber activity in North America.
- North America continues to be the most targeted geo-political region in the world, followed by Western Europe and Eastern Europe. Though, financially driven activity has risen by 80% for Eastern Europe and by 60% for Western Europe since Q3 2015.
- Email Social-Engineering was the most utilized TTP, accounting for a quarter of all attacks in North America. It was closely followed by ransomware, registering an alarming increase, as its use has more than doubled since Q3 2015.
- The IT industry was the most targeted, witnessing almost a fifth of the cyber activity within North American industries. It was sharply followed by government, banking, finance and media sectors. During Q3 we saw a strong link between an increased use of ransomware and its effect on the IT industry.
- The most targeted asset in North America was client data, subjected to 19% of the attacks on North American assets. It is followed by available services to clients, payment cards and monetary value- mainly bank account data. We have noticed a strong increasing trend of attacks on client data throughout this quarter, a similar pattern was witnessed regarding an increase in the use of email social engineering and ransomware on this asset.
Regarding our forecast for Q4 of 2016, we expect financial hackers to remain most active amongst all other cyber players, though nefarious politically motivated individuals and organizations will ramp up their activity as the US Presidential Election nears on Nov. 8th. Ransomware is expected to continue its upward trend, while DDoS and Trojans remaining on the leader board as most utilized attack methods. PII will continue to be the most targeted asset, especially in North America.
To learn more about the specifics of findings and receive what we forecast for Q4 of 2016 please download the full report here.