What’s in an Evil Internet Minute? Even More Evil than Before

In today’s threat landscape, falling victim to attacks only takes a minute.

With businesses expanding their online presence to create more touchpoints with customers, employees, and partners, the boundaries between what’s inside the firewall and what’s outside become less and less discernible, opening a whole new front in the battle between attackers and security teams. These attackers target brands and consumers on the open web with tactics like phishing, spinning up malicious mobile apps, hacking third-party suppliers, and directly compromising websites.

Security teams must now protect both their organization’s internal network, as well as its presence across the entire internet. But just how vulnerable is this internet-facing attack surface and what is the material cost of defending—and not defending—it?

To find out, RiskIQ created our first annual “The Evil Internet Minute” last summer, which summarized the cyber threats organizations and Internet users face every minute. Because it gave an entirely new perspective on the threats targeting organizations outside their firewalls, it proved to be very popular with both the press and security champions in organizations, helping raise awareness of the scale of attacks leveled against them. As things have only gotten worse in the past year, we repeated the exercise and created a 2018 infographic that breaks down the cyber stats of the past year into an average Internet minute.

Click to download

We tap the best third-party research from around the world, and conduct our own by deploying our web-crawling infrastructure, which each day executes and analyzes more than two billion HTTP requests, takes in terabytes of passive DNS data, collects millions of SSL Certificates, and monitors millions of mobile apps to gather our own. When viewed as a whole, this data shows that as organizations continue to roll out new digital strategies and initiatives, the new digital assets they create are subject to scores of malware, malvertising, phishing and crypto mining efforts on a massive scale, while rogue apps, domain and brand infringement, and social impersonation cause business disruption and material loss.

On top of that, vulnerable third-party code, which many organizations may not even know they’re running, is a central narrative in recent security events, namely the rise in cryptocurrency mining and RiskIQ’s research into Magecart, the threat group responsible for the hack of Ticketmaster.  

In almost all instances the numbers look worse than they did last year:

• 1.5 organizations fell victim to ransomware attacks every minute with an average cost to businesses of $15,221
• .17 blacklisted mobile apps
• .21 new phishing domains
• .07 incidents of the Magecart credit card skimmer
• .1 new sites running the CoinHive cryptocurrency mining script
• 4 potentially vulnerable web components discovered

When brands understand what they look like from the outside-in, they can begin developing a digital threat management strategy that allows them to discover everything associated with their organization on the internet, both legitimate and malicious, and monitor it for potentially devastating cyber attacks. However, bringing the massive scope of an organization’s attack surface into focus is no easy task.

Click here to see RiskIQ’s 2018 “Evil Internet Minute” infographic and find out what you and your organization are up against: