https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

MSSP Insider


Shutterstock

Data Leak

Data Leak Web Attacks Double, Abusing Governments, Banks, More

  • Written by Pam Baker
  • July 1, 2019
Government websites are taking the biggest hit, but banks, transportation and other verticals also are impacted.

Data leak web attacks doubled in 2018, according to a new Positive Technologies report. This type of attack accounts for 67% of attacks on government websites, and they are commonly used to stage targeted attacks later.

The Positive Technologies researchers note that “government institutions’ websites are still exposed to dangerous attacks aimed at gaining server control and stealing database information. This means gaining control of the attacked website, having access to the OS and to all files on the server.”

However, it was financial institutions that took the heaviest number of hits from web application attacks, followed by transportation and hospitality/entertainment. The three most common attacks are SQL injection, path traversal and cross-site scripting.

Positive Technologies' Leigh-Anne Galloway

Positive Technologies’ Leigh-Anne Galloway

“Even the risks related to sites compromised are high; for instance, if the official bank site is used to distribute malware or stage phishing attacks, customers will be the first to be hit. Attacks on customers top the list of attacks on web applications of financial institutions,” said Leigh-Anne Galloway, cybersecurity resilience lead at Positive Technologies.

“As regulation has leveled the playing field between fintechs and digital challengers, traditional banks’ market dominance is being threatened. Customers now have more choice on who to bank with and are more brand agnostic. This means traditional banks risk losing customers if their systems are not robust and secure,” Galloway added.

Surprisingly, attacks on banks are increasingly coming from nation states with the intent to harm rising well beyond theft to include bank or even economy crashes. According to a Carnegie Endowment for Intranational Peace report, the attackers behind 23 out of 94 financial cyberattacks since 2007 are believed to be state-sponsored, with the majority coming from countries like Iran, Russia, China and North Korea. The Carnegie’s Cyber Policy Initiative developed a timeline of the nation state attack trend.

“Increasingly, the attacks target the personal and payment data of customers. Most of 2018’s attacks (42%) were aimed at data theft. We also see attacks aimed at infecting a site with malware, which allows the hackers to reach more victims and use vulnerable sites for targeted attacks,” said Galloway.

The future doesn’t look poised to bring much relief. A recent report by BAE Systems and SWIFT predicts that criminals will stick with simple, tried-and-true methods like the Positive Technologies’ report notes, but will likely also include attacks on “foreign exchange markets, trade finance, securities and other areas, looking to make large gains in single intrusions or use persistent access to play the market over longer periods.”

The future is also gloomy for the public sector given the rise in nation state attacks and the cumulative effect of previous public and private sector data breaches. For example, the Government Accountability Office (GAO) reports that data breaches like that at Equifax are still posing great risks to four government agencies: the Department of Veterans Affairs, Centers for Medicare and Medicaid Services, Social Security Administration, and U.S. Postal Service. In another GAO report, the government agency found 10 critical actions are needed to address four major cybersecurity challenges across agencies.

Tags: MSPs Business of Security MSSP Insider Network

Related


  • Spam
    Kaspersky Research: Russia Now No. 1 Global Source of Spam
    The most frequent targets of phishing attacks were online stores.
  • Cybersecurity Roundup
    Law Firm Cyberattack Exposes Tens of Thousands of Patient Records
    Cybercriminals prefer to target entities like law firms because of the enterprise data they possess.
  • Cloud security
    IT Facing Major Security Issues, But Cloud Security May Be Most Immense
    A number of reports point to security problems within client environments, but cloud could be the biggest.
  • Threats
    Despite SIEM Software Adoption, Threat Coverage Comes Up Short
    Enterprise SIEMs are unprepared for 84% of certain tactics and techniques.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Blame IT Pros for Data Privacy Failures?
  • MSSPs, Beware: Threat Analysis Group Warns of North Korean Social Engineering
  • Financial Sector Cyberattacks Rising with Bad Actors Raking in the Dough
  • Untangle Research: Breach Headlines to Prompt Increased Cybersecurity Spending

Galleries

View all

Channel Partners Virtual 2021 Is the Hottest Ticket in Town

February 26, 2021

Industry Perspectives

View all

Backup Vulnerability: 4 Targets Hackers Might Utilize to Infiltrate Your Backup Solution

March 2, 2021

The “Roaring 20s” Are Coming

February 25, 2021

Three Ways MSPs Can Improve Supply Chain Security

February 24, 2021

Webinars

View all

A Partner’s Perspective on Channel Success in 2021

March 23, 2021

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021

White Papers

View all

Why Fortinet for my MSSP?

March 2, 2021

Small and Mid-Size Business Security: 4 Steps to Success

March 2, 2021

How SMBs Can Secure Endpoints and Remote Workers for the Long Haul

March 2, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

.@Netrality launches expanded partner program. #datacenters dlvr.it/RtrKXt https://t.co/2qHhnqrF7g

March 3, 2021
ChannelFutures

With day one of #CPVirtual in the books, we offer a recap of highlights and look ahead to day two. @Channel_Expo… twitter.com/i/web/status/1…

March 3, 2021
ChannelFutures

Why Fortinet for my MSSP? @EXN_Networks dlvr.it/Rtr1JS https://t.co/VV1dfuEK3r

March 2, 2021
ChannelFutures

Small and Mid-Size Business Security: 4 Steps to Success @EXN_Networks dlvr.it/Rtr1J9 https://t.co/ENfDHBfajN

March 2, 2021
ChannelFutures

How SMBs Can Secure Endpoints and Remote Workers for the Long Haul @EXN_Networks dlvr.it/Rtr1Hq https://t.co/3aAZL31Y2e

March 2, 2021
ChannelFutures

Mapping the Ransomware Landscape @EXN_Networks dlvr.it/Rtr1F6 https://t.co/oTSoIJKlA5

March 2, 2021
ChannelFutures

Top 5 Considerations when Selecting an EDR Solution @EXN_Networks dlvr.it/Rtqt8V https://t.co/g9VLXbj2Rx

March 2, 2021
ChannelFutures

[email protected] launches new #partnerprogram. #zerotrust dlvr.it/RtqhZB https://t.co/yIUhvYkYUs

March 2, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X