Cyber criminals cause losses of up to USD 4 billion in first half of 2017

According to a Trend Micro report titled 2017 Midyear Security Roundup: The Cost of Compromise, the year 2017 has been nothing less than adventurous. The report suggests that WannaCry infected 300,000 machines worldwide and caused financial losses of up to USD 4 billion.

 

 

The WannaCry and Petya attacks, according to the report, exploited a vulnerability already addressed by an earlier patch. It is, however, not always easy or possible to regularly install and manage patches. Some businesses use egacy systems or are in the middle of replacing legacy systems that no longer receive patch updates. Some organizations even have legacy equipment that are too critical to run the risk of mechanical breakdown when patches are installed. These limitations and challenges should not stop enterprises from adopting security measures. Vulnerability shielding and virtual patching can help protect enterprises from both old and new threats -- for both old and new systems.

 

 

The report highlights that in the first half of 2017, at least 382 vulnerabilities were discovered and publicly disclosed by reasearches and contributors from the Zero Day initiative. Some of the findings include:

 

 

IoT puts smart factories at risk: By 2018, over a million industrial robots will be employed in factories around the world. To prevent attacks and minimize risks to robots, operators, and the production line, security should be a priority for enterprises, robot vendors, software developers, network defenders, and cybersecurity standards makers.

 

 

Email compromises losses reach USD 5 Billion mark: Email is still seen as a source of fraud. According to the Federal Bureau of Investigation, global losses due to business email compromise (BEC) have reached USD 5.3 billion. The data revealed that cybercriminals spoofed CEOs, CFOs and finance directors, who were the top targets of attacks.

 

As security risks continue to evolve and expand to encompass threats as novel as industrial robots gone haywire and as unpredictable as cyberpropaganda campaigns, the report stresses on the necessity of proper and effective cybersecurity, especially among enterprises, cannot be overstated.