Information security in 2018: relevant facts and the increase in cyber attacks

The year 2018 was marked by various events regarding information and technology security, such as the determination of GDPR (General Regulation on Data Protection) that represents the rise for the privacy regulation of the European Union and also with significant increase in cyber attacks such as blows, data sequestration, data leakage and cryptocurrency mining.

Here on the blog we already present relevant data on the increase of virtual attacks in 2018 and the importance of educating users , but did you know that in addition, during 2018 more than 350,000 viruses per day by Kaspersky Lab? So the numbers are scary and represent the reality of the global internet.

Kaspersky Lab states that there has been a 43% increase for ransomware (from 2.1 in 2017 to 3.1 million in 2018) and 44% for cybercriminous backdoors for remote access to PC (from 2.2 to 3.2 million), these results prove that malware, especially backdoors and ransomware, remain significant danger.

• 30% of user computers suffered at least one malware attack this year .
• According to Kaspersky Lab data on IoT (Internet of Things: Smart TV, Digital Locks, etc.), Brazil (10.57%) is second in the world ranking, losing only to China (27.15%).
• In Latin America, more than 3.7 million malware attacks , with ranking led by Argentina (62%).
• In the ranking of the most attacked countries by Phishing in 2018 , Mexico is in the first position with 120% and Brazil occupies third place , with an increase of 110% in attacks.
  Source: Kaspersky Lab | See more data on 2018
  

DFNDR Lab PSAFE 's cybersecurity laboratory , prepared the 5th digital security report in Brazil with comparative data accumulation between the 2nd and 3rd quarter of 2018, generated through cybership detections Android smartphones from more than 21 million users of the DFNDR Security security application.

• The DFNDR Lab report shows that there was a 31.4% drop in cybership (from 63.8 to 43.8 million) due to the reduction in the focus on major events, but has a 7% increase in fake news (from 4.4 to 4.8 million) that mainly address politics, health or easy money.
• Check out the malicious link detections chart:

  

• “ Despite the sensitive perceived fall between the quarters (31.4%), we cannot look at this information simply and genericly. Cybercates are not decreasing . What we saw in this quarter was a combination of factors that encompass focus on major events involving public-financial issues such as FGTS and PIS/Pasep, and high-relevant commemorative dates. ” Emilio Simoni , director of DFNDR Lab.

The numbers continue to be worrying , and with each passing year the attacks become increasingly diverse. Cybercriminals “renew strategies” to improve encryption, seeking to avoid detecting attacks. Thus, we can undoubtedly say that 2018 was marked by a series of attacks, accounting for victims worldwide.

Between emails and fake sites, WhatsApp messages, fake news, data kidnapping and even cryptocurrency mining attacks, with the purpose of exploring device capacity and using processing without user authorization, we have prepared a list of some of the cyber attacks that occurred in 2018 , follow the article.

Marriott Hotels

September, 2018.

From a major attack on the database, on average 500 million customers from the Starwood Hotels and Resorts hotel chain, a subsidiary of Marriott International, had their personal data such as name, telephone, passport number, address, among others, accessed by criminals. The attack was detected in September 2018, but unauthorized access to the database had happened since 2014 .
The Public Prosecution Service of the Federal District and Territories (MPDFT) established a public civil inquiry to investigate the case .

Facebook

1. March, 2018.
   Cambridge Analytica: Using a personality test application, users allowed access to their information, but eventually allowed access to friends information as well. The company used data illegally for political propaganda.
2. September, 2018.
   Hacker Attack: The criminals took advantage of a vulnerability of the “see how” option and had access to 30 million people profile data, after the attack, an average of 90 million people were redirected to login again and informed.
3. December, 2018.
   Pictures published without authorization: from a bug, about 6 million users who allowed access to the media for third party applications had “unpublished photos” (such as stories and photos that were loaded, but not published), exposed on the social network. Facebook has notified users and suggested that they check app access .
   Source: TechTudo

Inter Bank

1. May, 2018.
   In May 2018, the Tecmundo site team received a 18 -page manifesto, signed by a hacker called “John”. This document was technically detailing how the hacker had access to the data, and the details of the extortion applied to the Inter bank. The condition was: If the bank did not pay the amount on time, the data would be sent to the press and sold on the internet.
   The bank acted correctly , as indications on how to act in cases of invasion or data theft and did not give in to extortion.
   As there was no payment to the hacker, the personal data of thousands of customers, employees and executives of Banco Inter, one of the largest fully digital banks in Brazil, were placed in a 40 GB encrypted file. Data consist of photos of checks, documents, transactions, emails, personal information, safety keys and passwords of approximately 100,000 people.
   .
   • Hacker reports that he worked for about 7 months in the invasion of Banco Inter and explained that through an employee's error it was possible to enter the bank's systems and copy the data.
   • Banco Inter denied an invasion.
2. July, 2018.
   The Personal Data Protection Commission, with Tecmundo's collaboration , established a public civil inquiry to investigate case. In the course of the investigation, the MPDFT found, with proof of the Center for Production, Analysis, Dissemination and Information Security (CI), the commitment of :
   .
   • Registration data of 19,961 Inter -accounts of Banco Inter.
   • Of these, 13,207 contain bank details such as account number, password, address, social security number and telephone.
   • Another 4,840 customer data from other banks who made transactions to Inter users were also compromised.
   • Also confirmed was the exposure of the Bank's already revoked digital certificates and the bank's private key.
   .
   The Federal District Public Prosecution Service and Territories (MPDFT) requested the bank's conviction to pay R $ 10 million as compensation, due to not taking the necessary precautions to ensure the security of personal data from its customers and not customers. The amount, in the case of conviction, will be reversed to the Diffuse Rights Defense Fund (FDD).
3. December, 2018.
   An agreement was approved between Banco Inter and the Federal District and Territories Public Prosecution Service ( MPDFT ), where Banco Inter must pay R $ 1.5 million to repair the national collective moral damages resulting from data leakage.
   Source: Tecmundo

Phishing

The cases of fraud made using phishing are not new and continue to happen via email, WhatsApp and other social networks. It is often the circulation of false promotions, especially in the commemorative dates and were these examples we brought.

Regarding phishing in 2018, Kaspersky Lab identified the 110% increase in incidents, leading Brazil to 3rd place in the world ranking, as shown at the beginning of this article.

1. During 2018, especially in periods near Netflix catalog updates.
   NETFLIX FALSE EMAIL: The email asks the user to update their payment data as the alleged account would be suspended. With a convincing email construction, promoting movies and series that are on the rise or are new in the Netflix catalog, criminals convince many people, especially because it is a current content email. In this way, many people end up falling into this blow and providing sensitive data to criminals. It is worth alerting that it is the same suspicious link on all the e-mail buttons.
   Netflix has an official channel available for phishing complaints, so if you receive any such email, forward it to phishing@netflix.com

   

2. November, 2018.
   O Boticário Christmas toast: Real promotions with O Boticário gifts were seen as an opportunity for cybercriminals. One of the last occurrences of 2018 was the false promotion via WhatsApp that offered different brand gifts and to “win”, the user should provide the number of CPF and invite friends, generating a large flow of people providing their data to criminals. THE O Boticário officially spoke on his Facebook page, alerting the public about the false promotion.

   

3. December, 2018.
   Coca Cola Christmas toast: It happened via WhatsApp the circulation of a false promotion that offered Christmas gifts. To “win the toast”, the user should click on a link and register, it turns out that the link redirected the user to a phishing site for data capture, especially CPF numbers. THE Coca Cola was officially spoken informing that the promotion it was fake And reiterating that the site official of the company is: Christmas.cocacola.com.br

   

Fake news

The occurrence of fake news was so high during 2018 that DFNDR Lab identified that 11% of malicious links were fake news. Representing the 7% increase in fake news (from 4.4 to 4.8 million) that mainly address issues about policy, health or ways to make easy money, between the 2nd and 3rd quarter of 2018.

1. July, 2018.
   Fact or Fake : The G1 team sought to help netizens have a channel that analyzes fake news. The section identifies messages that cause distrust and clarifies what is real and what is false. The investigation is jointly by G1 journalists, Globo, Extra, Época, Valor, CBN, GloboNews and TV Globo. Political speeches are also conferred. See here the category
2. TOP 5 FALSE NEWS ON POLICY (DFNDR LAB)
   Node 5th Digital Security Report in Brazil From DFDR LAB was presented a ranking of fake news detection on politics. First is fake news about Jean Wyllys, this was detected 625,000 times by the security company.

   

Taking into consideration the remarkable news for security in the use of the internet in 2018, it is important to note that preventive methods against cyber attacks should always be first, for any and all connected user.

IT managers and professionals should prioritize information security , but the main question is: how to do it? Where to start?

The most important actions to improve information security in the company are based on prevention. We list 5 most relevant actions that must be implemented and periodically revised so that the company has an excellent basic level of information security attention.

• Data Backup : There are certain types of security incidents where the only option to recover company information involves restoration of safety copies. It is essential to maintain a backup strategy, with updated and verified routines. It should be analyzed, among other aspects, which data will be protected, the periodicity of updating, the copy retention time and the location of the copies (remembering that it is important to maintain copies in the place outside the environment where the data is in the company).
• Antivirus : It is important to use good antivirus software. Other network protection mechanisms are complementary and do not replace antivirus. There are free packages that offer a basic level of protection, however, for effective protection it is recommended that companies invest in the acquisition of a good antivirus and anti-male solution.
• Firewall and Internet Access Control : Protecting the network with firewall and blocking harmful links and harmful websites is a very relevant measure for information security. It is important that the solution has a functional management interface and easy to use, as the ease of report visualization and the correct tool configuration directly impact protection efficiency. A solution for internet access management such as Lumun is an excellent resource for increasing information security in the company , as well as promoting awareness of internet use and assisting employee productivity .
• Software Updates : All programs used on computers and equipment must be updated with recent versions. The practice of applying updates routinely, and whenever they are made available, is important for protection against attacks that take advantage of new vulnerabilities that are discovered, published and exploited. The operating system and internet browsers should pay extra attention and keep them updated a lot in security.
• Guide employees on good information security practices : Currently most attacks undergo an improper action by a company employee. Failures How to click on an email link that contains a totally amazing promotion, without proper care and attention to checking the link that will open, are examples of how carelessness can be a vulnerability and a safety problem gateway. Try to guide employees about the importance of care for information security in the company .

Want more internet security tips for small and medium -sized companies? See 11 internet security tips for small and medium -sized companies