Things have been quiet on the hacking front recently, dangerously quiet.
We haven’t seen ransomware take down any gas stations, we haven’t heard of any meat factories suffering cyber-related supply shortages, and it feels like a very long time since we last read an article about a looming cyber-apocalypse.
Could this mean the cat and mouse game is over and we won the war?
Unfortunately, not. You can’t fix a problem the size of cybercrime overnight.
While of course we are still hearing about attacks, and not a day goes by that we don’t read about ransomware, we haven’t seen any of the massive hacks recently. The ones that knock us off our feet.
So, where have all the hackers gone?
Could it possibly mean that they have emerged from their basements, switched their hoodies for speedos and are sunning themselves on a sandy beach in Bermuda?
Looking at threat activity over the last few years, it certainly suggests this could be the case.
Hackers on Holiday
After having a few discussions on this topic in the office, I decided to do a little research for myself.
I wanted to find out if my suspicions were correct, that cyber-attacks do drop in the summer months because hackers have switched on their Out of Office and headed to the beach.
This is what I found:
- According to data from the website IT Governance there were only 86 publicly disclosed security incidents in July 2021, which was a significant drop compared to June and May.
- In May 2021 there were 128 publicly disclosed incidents, while in June there were 106 incidents.
However, the number of incidents is only one side of things. When looking at breached records, the data revealed:
- There were 115,861,330 breached records from publicly disclosed security incidents in May 2021
- There were 9,780,931 breached records from publicly disclosed security incidents in June 2021
- There were 33,727,641 breached records from publicly disclosed security incidents in June 2021
This means that even despite the relatively low number of incidents reported in July, a whopping 34 million records were impacted, significantly surpassing the number of records breached in June, even though there were more security incidents.
But looking at historical data on IT Governance, we can see:
- There were 86 publicly disclosed incidents in July 2020
- There were 92 publicly disclosed incidents in June 2020
- There were 105 publicly disclosed incidents in May 2020
This means statistically over the last two years, there has been a drop in security incidents in July, which suggests that cyber criminals could in fact be taking a well-deserved hacking vacay at the time. Plus, we are only one week into the beginning of August and the hacking scene is still very quiet, which suggests attackers could be taking this month off as well, but it’s too early to say for sure.
But let’s not get complacent and throw caution to the wind, because it certainly doesn’t mean the summer is a time to get lax on security.
Cybercriminals are always there, constantly looking out for opportunities. So, the best option is to prepare and plan for attacks all year round, so that when hackers do come knocking on your door you know how to respond and can navigate the situation safely, with minimal disruption.
Also, the bad news is also that this quiet period won’t last. Cybercrime activity will be back with a boom very, very soon and nobody knows who the next big victim will be, let’s just hope it isn’t you.