American security company Symantec boasts one of the most comprehensive repositories of cybersecurity threat intelligence in the world. The company has released its annual report, which highlights trends in the cybercrime threat landscape.
We have summarised three of the most relevant findings from the perspective of medium and large businesses. You can download the report in full from this link.
Software Update Supply Chain Attacks Increased by 200% in 2017
One of the most notable trends of 2017 was the implantation of malware into reputable software updates. Such attacks rose by 200 percent in 2017, with at least one major supply chain attack noted by Symantec in every month of last year.
Hackers are always looking for ways to exploit well-protected networks and this approach has yielded dividends. The NotPetya outbreak in June was the most notable example of a supply chain attack that spread rapidly across corporate networks to disastrous effect.
The attacks work by leveraging the trust that users have in certain channels – once an attack has penetrated well-protected networks, there is potential for fast distribution of infected files because the network is configured to trust internal actors.
A managed IT services provider can mitigate the threat by way of consistent security audits and a regular patching cycle. The EternalBlue exploit used by NotPetya to gain a foothold in each network had a patch that could have been applied weeks earlier, but the patch had not been applied at many large organisations with legacy technology, making them a huge target.
Cryptojacking Takes Off: Massive Increase in Crypto Coin Mining
With interest in cryptocurrency skyrocketing in 2017, it makes sense that cyber criminals have sought to exploit the boom in their own way. Symantec noted an 8,500% increase in detection of coin miners on endpoint computers last year. The latest figures gathered by Symantec for the month of December 2017 show that 1.7 million cryptojacking attacks were uncovered.
From a corporate perspective, cryptojacking can threaten digital infrastructure. Mining of cryptocurrency can wreak havoc on corporate networks, limiting processing power and consuming cloud CPU capacity. This can lead to unnecessarily inflated operating costs and reduced productivity.
Again, a regular patching cycle can mitigate the risk of a coin miner infection. It’s also important to regularly train staff in how to spot phishing emails that can lead to a compromised website or to the bypassing of standard security warnings.
Application whitelisting is a great way to minimise the likelihood of any non-approved software executing on your network.
Crowded Market Leads to Diverse Ransomware Threats
Cybercriminals have shifted their tactics when it comes to ransomware. The days of threats being used to facilitate a big score seem to be over, with hackers opting to commoditise ransomware and use it as a decoy for other forms of attack. The average ransom figure dropped to $522 in 2017, but noted threat groups began to utilise ransoms in a different manner.
The widely reported Petya/NotPetya outbreak included use of disk wiping software disguised as ransomware. May 2017 saw the WannaCry threat spread rapidly across the globe within hours, with ransomware deployed as a decoy for other attack vectors.
Ransomware is easy for hackers to deploy and organisations need to be wise to the threat. Singular ransomware attacks may be simple to spot, but hackers are using more creative means to gain access to corporate networks.
Managed IT Services from Computer One
Hacking and cybercrime are persistent and ongoing threats for modern businesses. At Computer One we have developed a number of ways in which to protect your information and keep your business growing strongly. Each of them targets a different potential weakness in your network and they can often be run as one-off activities or included as part of our Managed IT Services.