What the Symantec's 2018 Internet Security Threat Report Means To You

Categories: Security & Backup
Tags:
CLO17_callCenter_010-min

Symantec's 2018 Internet Security Threat Report (ISTR) has been released, revealing the top cyber threats to your business, and the trends within the realm of cyber attackers. Know your enemy! See the full report here.

Cryptojacking risk soars

Incidents of cryptojacking - coin mining attacks - have shot to the top of Symantec's threat list as more and more cybercriminals "add it to their arsenal". As cryptocurrencies gain in notoriety and value, they naturally attract the attention of criminals. Said lawbreakers steal cloud CPU usage and computer processing power for their coin miners.

 Some companies don't take coin mining attacks as seriously as they might, because the immediate impact of cryptojacking doesn't seem catastrophic - they slow down computers and overheat batteries (although in some cases devices can be rendered totally unusable). However, organisations need to be aware of longer-term consequences of being host to these cybercriminals. Corporate networks are "at risk of shutdown", says the ISTR, and businesses could see themselves billed for cloud CPU usage. Symantec also points out a future risk regarding the Internet of Things (IoT). As IoT-connected devices become more common, their potential for use in coin mining increases.

Software supply chains - a chink in your armour?

Although high-profile cases like EternalBlue turn our heads, in reality, vulnerabilities within corporations become trickier for cyber attackers to take advantage of. Symantec have spotted what they think is a response to this tend - an increase in criminals targeting software supply chains. Malware implants are injected into software updates, which can give attackers a soft entry point into the best-guarded networks. For an example of this, recall Petya - the outbreak targeted Ukrainian accounting software as a chink in the armour, which meant that Petya was then free to use a various method to spread across corporate networks, deploying their "malicious payload".


Symantec has recorded a 200% increase in these attacks year-on-year, with one for each month of 2017 in comparison to just four attacks per annum in years prior.

The business of ransom demands

Ransomware, in some aspects, is a business like any other. Looking at it from an economist's point of view, you can see that ransomware's high profitability in 2016 led to an overcrowded market driving up prices (ransom demands). 2017 saw this "market" corrected, as you might expect, with lower demands and fewer players on the criminal side of things. The correction was a sharp one - the average ransom demand from ransomware was $522 in 2017, which is less than half the average of 2016.

Symantec notes that the number of ransomware variants increased (indicating continued dedication by more established groups of attackers), but that families saw a decrease. The company speculates that some criminal groups may have moved to higher value targets such as cryptojacking.

Malware is mobile

Mobile malware threats continue to expand as the years roll by. Symantec calculated a 54% year-on-year increase in mobile malware variants in 2017 and counted an average of 24,000 malicious mobile apps blocked every day last year.

The ISTR points the finger at old OS usage, noting that only 20% of Android devices are running the newest major version of their system, with a startlingly low 2.3% on the latest minor release. It's also worth considering "grayware", which are applications that are "troublesome" rather than totally malicious. These more insidious apps can leak the device's phone number.

To view the full report please click here

Related Articles

Vuzion scoops South Coast Tech Business Award - High Growth Tech Business

The judges were particularly taken with our focus on partner satisfaction commenting, “We were impressed by the turnover growth and ...

Microsoft announces new features for Power Platform at Ignite 2019

Microsoft has recently introduced new capabilities for its Power Platform at Ignite 2019 which should come in very handy for your cu...

Mimecast highlights 269% rise in BEC attacks

An increase put down to cybercriminals evading traditional email security solutions, implemented worldwide.

Microsoft 365 Business Voice is here

This is a great opportunity for partners to increase their value to SMB customers - and build a calling and meetings practice for Mi...