Phishing continues to be one of the key phenomena, especially in the EMEA region, as 53% of all phishing attacks worldwide can be traced back to IP addresses in this region, 38% to IP addresses in the Netherlands.

In recent years, phishing has become the preferred gateway for ransomware, i.e. malware that aims to blackmail users. Ransomware encrypts data or entire devices; the attacker promises to provide a key if a "ransom" is paid - of course, there is no guarantee. The seriousness of the ransomware problem was recently demonstrated once again by the WannaCry malware attacks.

Manufacturing target

Further results of the report for the EMEA region: 54% of cyber attacks targeted companies in just three sectors - finance (20%), manufacturing (17%) and retail (17%). In addition, many more than 67% of the malware found fell into the Trojan category, and 15% of the most common types of malware originating from EMEA were viruses or worms.

The report also takes a close look at brute force attacks. For example, 45% of these attacks on EMEA targets were carried out by attackers from this region. NTT Security uncovered more brute force attacks from EMEA (45%) than from North and Latin America (20%) and Asia (7%) combined.

Procedure

NTT Security monitors 40% of global internet data traffic. For the Global Threat Intelligence Report (GTIR) 2017, 3.5 trillion log files and 6.2 billion attacks were analyzed. Log files and information on vulnerabilities, attacks and other security incidents were analyzed. NTT Security's research results, including those from honeypots and sandboxes in over 100 countries, are also taken into account. This gives NTT Security insights into environments that are fundamentally different from the infrastructures in security labs and research facilities.