In our previous articles we have discussed some of the most burning internet security threats, and as of now, we thought it would be useful to make a summary of what we are aware of on the topic.
2017 was a year of several threats in the cyber world. WannaCry, Petya/NotPetya were just two examples of it, which we were discussing earlier. As we saw, the threats that occur nowadays have become more diverse, and hackers are working hard on discovering new ways to exploit the existing online security systems.
The focus has been shifting from ransomware to other opportunities in the cyber threat “industry”. With the astronomical rise in cryptocurrency values, many cybercriminals had an urge to shift to coin mining as an alternative revenue source. This resulted in an extreme increase in detections of coin miners on endpoint computers.
The impacts of coin mining are usually performance related, they usually slow down devices or overheat batteries. But if corporate networks are included, they might suffer a great deal from these attacks and might even be shut down temporarily.
Hijacking software updates played an important part in the increase of online attacks as they provided attackers with an entry point for compromising well-protected targets in a specific region or sector. However, the average ransom demands linked to the ransomware attacks have dropped. This could be a result of attackers shifting their focus to coin-mining, and making ransoms a secondary income.
There was also an increase in the number of new mobile malware variants in 2017. While threats are on the increase, the problem is exacerbated by the continued use of older operating systems. In particular, on Android™, only 20 percent of devices are running the newest major version and only 2.3 percent are on the latest minor release. Mobile users also face privacy risks from grayware, apps that aren’t completely malicious but can be troublesome.
As for attacks in 2018 and later, there are already guesses and facts, to sum up. One of the most significant trends we've seen in 2017 and early 2018 is the ongoing shift away from using malicious .exe files to package and deploy malware.
This represents a major change in the way attacks are carried out, and it poses a severe problem for traditional security solutions such as antivirus, which relies heavily on analyzing executable files in order to make detections.
In addition to reporting a significant rise in the new types of attacks they're seeing, organizations also report struggling to keep the cost and complexity of managing security down. With these in mind, it will be interesting to see and evaluate what the future holds for us.
This article was based on the ISTR 2018 report.
You might also be interested in:
Join Our Mailing List!
Sign-up today to receive our DocuBank newsletter and stay informed about our solutions and services, plus get exclusive content and product discounts.