What the Symantec's 2018 Internet Security Threat Report Means To You

Categories: Security & Backup
Tags:
CLO17_callCenter_010-min

Symantec's 2018 Internet Security Threat Report (ISTR) has been released, revealing the top cyber threats to your business, and the trends within the realm of cyber attackers. Know your enemy! See the full report here.

Cryptojacking risk soars

Incidents of cryptojacking - coin mining attacks - have shot to the top of Symantec's threat list as more and more cybercriminals "add it to their arsenal". As cryptocurrencies gain in notoriety and value, they naturally attract the attention of criminals. Said lawbreakers steal cloud CPU usage and computer processing power for their coin miners.

 Some companies don't take coin mining attacks as seriously as they might, because the immediate impact of cryptojacking doesn't seem catastrophic - they slow down computers and overheat batteries (although in some cases devices can be rendered totally unusable). However, organisations need to be aware of longer-term consequences of being host to these cybercriminals. Corporate networks are "at risk of shutdown", says the ISTR, and businesses could see themselves billed for cloud CPU usage. Symantec also points out a future risk regarding the Internet of Things (IoT). As IoT-connected devices become more common, their potential for use in coin mining increases.

Software supply chains - a chink in your armour?

Although high-profile cases like EternalBlue turn our heads, in reality, vulnerabilities within corporations become trickier for cyber attackers to take advantage of. Symantec have spotted what they think is a response to this tend - an increase in criminals targeting software supply chains. Malware implants are injected into software updates, which can give attackers a soft entry point into the best-guarded networks. For an example of this, recall Petya - the outbreak targeted Ukrainian accounting software as a chink in the armour, which meant that Petya was then free to use a various method to spread across corporate networks, deploying their "malicious payload".


Symantec has recorded a 200% increase in these attacks year-on-year, with one for each month of 2017 in comparison to just four attacks per annum in years prior.

The business of ransom demands

Ransomware, in some aspects, is a business like any other. Looking at it from an economist's point of view, you can see that ransomware's high profitability in 2016 led to an overcrowded market driving up prices (ransom demands). 2017 saw this "market" corrected, as you might expect, with lower demands and fewer players on the criminal side of things. The correction was a sharp one - the average ransom demand from ransomware was $522 in 2017, which is less than half the average of 2016.

Symantec notes that the number of ransomware variants increased (indicating continued dedication by more established groups of attackers), but that families saw a decrease. The company speculates that some criminal groups may have moved to higher value targets such as cryptojacking.

Malware is mobile

Mobile malware threats continue to expand as the years roll by. Symantec calculated a 54% year-on-year increase in mobile malware variants in 2017 and counted an average of 24,000 malicious mobile apps blocked every day last year.

The ISTR points the finger at old OS usage, noting that only 20% of Android devices are running the newest major version of their system, with a startlingly low 2.3% on the latest minor release. It's also worth considering "grayware", which are applications that are "troublesome" rather than totally malicious. These more insidious apps can leak the device's phone number.

To view the full report please click here

Related Articles

The reseller ‘Not For Profit’ opportunity - webinar with Vuzion and Microsof...

To help resellers explore the not-for-profit opportunity open to them with Microsoft products, we’re hosting a webinar on 28 April, ...

The benefits of using Vuzion’s billing services

It's more important now than ever for partners to integrate and automate as much of their business and its processes as possible.

Vuzion Cloud Awards 2021 - what a great awards night!

Thank you to all our award sponsors, presenters and everyone who attended and helped make the evening such a great success.

Vuzion Awards 2021 - shortlist announced!

The judges have all reported on the high standard of the award entries, and what an honour it has been to read through so many inspi...