Main takeaways from the report include:
- Russia and China are responsible for the lion’s share of cyberattacks in 2019. When asked which country accounted for the most attacks, IR professionals said Russia (29%) and then China (18%), followed by North America, North Korea, Brazil, and Iran.
- Financial gain was the motivation for 90% of attacks. This is a sharp increase from 61% in the first half of 2019 and a shift from previous years when intellectual property theft and stealing customer information topped the list.
- IR pros said they experienced destructive/integrity attacks in about 41% of attacks. This is a 10% increase from the past two quarters.
- The use of island hopping continues to increase. It accounted for 41% of total attacks, up 5% since the first half of 2019 while lateral movement stayed steady at 67%
- Attackers are getting more creative. Custom malware was used in 41% of attacks, up from 33% in Q1 of 2019. The use of commodity malware has seen a slight decline, from 57% last quarter to 54% this quarter.
- There’s been a significant increase in the use of outside threat intelligence feeds. The technique was used in 57% of attacks this quarter compared to 14% last quarter.
- Our democracy is at risk. 59% of U.S. respondents said risk around the election process and security has increased significantly since 2016. Within that same group, 65% said they believe the 2020 presidential election will be influenced by an outside entity.
- Voter databases are being compromised. Machines from previous elections are readily available from high-reputation vendors on the dark web for less than $100. In total, from a single listing, information on more than 81 million voters is currently available for sale.