Information security in 2018: relevant facts and the increase in cyber attacks

The year 2018 was marked by several events in relation to information security and technology, such as the determination of the GDPR (General Data Protection Regulation) which represents the rise of European Union privacy regulations and also with the significant increase in records of cyber attacks such as scams, data hijacking, malware, data leaks and cryptocurrency mining.

Here on the blog we have already presented relevant data about the increase in virtual attacks in 2018 and the importance of educating users , but did you know that in addition, during 2018 more than 350 thousand viruses per day by Kaspersky Lab? So, the numbers are scary and represent the reality of the global internet.

Kaspersky Lab states that there has been a 43% increase in ransomware (from 2.1 in 2017 to 3.1 million in 2018) and a 44% increase in backdoors used by cybercriminals for remote PC access (from 2.2 to 3.2 million), these results prove that malware, mainly backdoors and ransomware, remain a significant danger.

• 30% of user computers have suffered at least one malware attack this year .
• According to Kaspersky Lab data on attacks on IoT devices (Internet of Things: Smart TV, digital locks, etc.), Brazil (10.57%) is in second place in the world ranking, second only to China ( 27.15%).
• In Latin America, more than 3.7 million malware attacks were identified per day , with a ranking led by Argentina (62%).
• In the ranking of the countries most attacked by phishing in 2018 , Mexico is in first place with 120% and Brazil occupies third place , with a 110% increase in attacks.
  Source: Kaspersky Lab | See more data about 2018
  

dfndr lab PSafe 's cybersecurity laboratory , prepared the 5th Digital Security Report in Brazil with an accumulation of comparative data between the 2nd and 3rd quarter of 2018, generated through the detections of cyberattacks on Android smartphones of more than 21 million dfndr security app users

• The dfndr lab report shows that there was a 31.4% drop in cyberattacks (from 63.8 to 43.8 million) due to the reduction in focus on major events, but presents a 7% increase in fake news (from 4 .4 to 4.8 million) that mainly address topics about politics, health or ways to make easy money.
• Check out the malicious link detection chart:

  

• “ Despite the significant drop seen between the quarters (31.4%), we cannot look at this information in a simple and generic way. Cyberattacks are not slowing down . What we saw, this quarter, was a combination of factors that include a reduction in focus on major events that involve public-financial issues, such as FGTS and PIS/Pasep, and commemorative dates of high relevance for retail. ” Emilio Simoni , director of the dfndr lab.

The numbers continue to be worrying , and with each passing year the attacks become increasingly diverse. Cybercriminals “renew strategies” to improve encryption, seeking to avoid detection of attacks. Therefore, without a doubt, we can say that the year 2018 was marked by a series of attacks, accounting for victims all over the world.

Between fake emails and websites, WhatsApp messages, fake news, data kidnapping attacks and even cryptocurrency mining, with the aim of exploiting the capacity of devices and using processing without the user's authorization, we have prepared a list of some of the cyber attacks that occurred in 2018 , follow the article.

Marriott Hotels

September, 2018.

Following a major attack on the database, an average of 500 million customers of the hotel chain Starwood Hotels and Resorts, a subsidiary of Marriott International, had their personal data such as name, telephone number, passport number, address, among others, accessed by criminals. The attack was detected in September 2018, but unauthorized access to the database had been occurring since 2014 .
The Public Ministry of the Federal District and Territories (MPDFT) opened a Public Civil Inquiry to investigate the case .

Facebook

1. March, 2018.
   Cambridge Analytica: Using a personality test application, users allowed access to their information, but ended up also allowing access to their friends' information. The company used the data illegally for political propaganda.
2. September, 2018.
   Hacker attack: Criminals took advantage of a vulnerability in the “View as” option and had access to profile data from 30 million people. After the attack, on average 90 million people were redirected to log in again and informed of what happened.
3. December, 2018.
   Photos published without authorization: Due to a “bug”, around 6 million users who allowed media access to third-party applications had “unpublished photos” (such as stories and photos that were uploaded, but not published), exposed on the social network. Facebook notified users and suggested that they check application access .
   Source: TechTudo

Banco Inter

1. May, 2018.
   In May 2018, the TecMundo website team received a manifesto consisting of 18 pages, signed by a hacker called “John”.
   This document technically detailed how the hacker had access to data, in addition, the details of the extortion applied to Banco Inter. The condition was: if the bank did not pay the amount within the deadline, the data would be sent to the press and sold on the internet. The bank acted correctly , in accordance with instructions on how to act in cases of invasion or data theft and did not give in to extortion.
   As there was no payment to the hacker, the personal data of thousands of customers, employees and executives of Banco Inter, one of the largest fully digital banks in Brazil, was placed in an encrypted 40 GB file.
   The data consists of photos of checks, documents, transactions, emails, personal information, security keys and passwords from approximately 100,000 people. .
   • The hacker reports that he worked for around 7 months on the invasion of Banco Inter and explained that through an employee's error it was possible to enter the bank's systems and copy the data.
   • Banco Inter denied that an invasion had occurred.
2. July, 2018.
   The Personal Data Protection Commission, in collaboration with TecMundo , opened a public civil inquiry to investigate the case.
   During the investigation, the MPDFT found, with proof from the Center for Production, Analysis, Dissemination and Information Security (CI), the commitment of: .
   • Registration data of 19,961 Banco Inter account holders.
   • Of these, 13,207 contain banking details, such as account number, password, address, CPF and telephone number.
   • Another 4,840 customer data from other banks that carried out transactions with Inter users were also compromised.
   • The exposure of digital certificates, already revoked, and the bank's private key were also confirmed.
   .
   The Public Ministry of the Federal District and Territories (MPDFT) requested that the bank be ordered to pay R$ 10 million , as compensation, for failing to take the necessary precautions to guarantee the security of its customers' personal data and not customers. The amount, in the case of conviction, will be returned to the Fund for the Defense of Diffuse Rights (FDD).
3. December,2018.
   An agreement was approved between Banco Inter and the Public Ministry of the Federal District and Territories ( MPDFT ), where Banco Inter must pay R$1.5 million to repair collective moral damages of a national nature resulting from the data leak.
   Source: TecMundo

Phishing

Cases of fraud carried out using phishing are nothing new and continue to occur via email, WhatsApp and other social networks. False promotions are frequently circulated, especially on commemorative dates, and these are the examples we brought.

In relation to phishing in 2018, Kaspersky Lab identified a 110% increase in incidents, taking Brazil to 3rd place in the world ranking, according to data presented at the beginning of this article.

1. During 2018, mainly in periods close to Netflix catalog updates.
   Fake Netflix email: The email asks the user to update their payment details as the supposed account is suspended. With a convincing email construction, promoting films and series that are popular or new to the Netflix catalog, criminals convince many people, mainly because it is an email with current content. In this way, many people end up falling for this scam and providing sensitive data to criminals. It is worth noting that it is the same suspicious link in all buttons in the email.
   Netflix has an official channel available for reporting phishing, so if you receive any such email, please forward it to phishing@netflix.com

   

2. November, 2018.
   Christmas toast from O Boticário: The real promotions with gifts from O Boticário were seen as an opportunity by cybercriminals. One of the last incidents of 2018 was a false promotion via WhatsApp that offered different brand gifts and to “win”, the user had to provide their CPF number and invite friends, generating a large flow of people providing their data to criminals. A O Boticário officially commented on its Facebook page, warning the public about the false promotion.

   

3. December, 2018.
   Coca Cola Christmas Gift: A false promotion was circulated via WhatsApp that offered Christmas gifts. To “win the freebie”, the user had to click on a link and register, it turns out that the link redirected the user to a Phishing website to capture data, mainly CPF numbers. A Coca Cola has officially spoken out informing that the promotion it was false and reiterating that the website official of the company is: natal.cocacola.com.br

   

Fake news

The occurrence of fake news was so high during 2018 that dfndr lab identified that 11% of malicious links were fake news. Representing a 7% increase in fake news (from 4.4 to 4.8 million) that mainly address topics about politics, health or ways to make easy money, between the 2nd and 3rd quarter of 2018.

1. July, 2018.
   Fact or Fake : The G1 team sought to help internet users have a channel that analyzes cases of fake news. The section identifies messages that cause distrust and clarifies what is real and what is false. The investigation is carried out jointly by journalists from G1, O Globo, Extra, Época, Valor, CBN, GloboNews and TV Globo. Speeches by politicians are also checked. See the category here
2. Top 5 fake news about politics (dfndr lab)
   At the 5th Digital Security Report in Brazil from dfdr lab, a ranking for detecting fake news about politics was presented. Firstly, there is fake news about Jean Wyllys, which was detected 625 thousand times by the security company.

   

Taking into account the notable news for internet security in 2018, it is important to highlight that preventive methods against cyber attacks must always come first, for each and every connected user.

Managers and IT professionals must prioritize information security , but the main question is: how to do it?
Where to start?

The most important actions to improve information security in the company are based on prevention. We have listed 5 of the most relevant actions that must be implemented and periodically reviewed so that the company has an excellent basic level of attention to information security.

• Data backup : There are certain types of security incidents in which the only option to recover company information is to restore backup copies. It is essential to maintain a backup strategy, with updated and verified routines. It must be analyzed, among other aspects, which data will be protected, the frequency of updates, the retention time of copies and the storage location of copies (remembering that it is important to keep copies in a location external to the environment where the data is stored in the company ).
• Antivirus : It is important to use good antivirus software. Other network protection mechanisms are complementary and do not replace antivirus. There are free packages that offer a basic level of protection, however, for effective protection it is recommended that companies invest in acquiring a good antivirus and anti-malware solution.
• Firewall and internet access control : protecting the network with a firewall and blocking harmful links and harmful websites is a very relevant measure for information security. It is important that the solution has a functional and easy-to-use management interface, as the ease of viewing reports and the correct configuration of the tool directly impact protection efficiency. A solution for managing internet access such as Lumiun is an excellent resource for increasing information security in the company , in addition to promoting awareness of internet use and helping employees' productivity .
• Software updates : all programs used on computers and equipment must be updated with recent versions. The practice of applying updates routinely, and whenever they are made available, is important to protect against attacks that take advantage of new vulnerabilities that are discovered, published and exploited. The operating system and internet browsers must pay extra attention and keeping them updated greatly helps with security.
• Guide employees on good information security practices : currently the majority of attacks involve some improper action carried out by a company employee. Failures such as clicking on a link in an email that contains a totally incredible promotion, without due care and attention in checking the link that will be opened, are examples of how carelessness can be a vulnerability and a gateway to security problems. Try to guide employees about the importance of taking care of information security in the company .

Want more tips on internet security for small and medium-sized businesses? See 11 internet security tips for small and medium-sized businesses