The evolving cyber threat

in

BY Richard Summerfield

2018 was a challenging year for the cyber security industry as threat actors’ tactics, traits and techniques continued to evolve. As a result, the number of large corporations which fell victim to cyber attack continued to grow last year, according to AppRiver’s ‘2018 Global Security Report’.

AppRiver’s Email Security and Web Protection filters quarantined more than 10 billion global threats including: (i) 8.3 billion messages containing URL-based malware, phishing attacks and text-based attacks; (ii) 300 million emails that included malware in a message attachment; (iii) the majority of malicious attachments with Word files with embedded macros; and (iv) 4.5 billion quarantined messages that originated in the US.

Trojan attacks surpassed the number of ransomware attacks, becoming the most commonly distributed threat type – Trojans were dispersed more than 20 million times. The ‘Trickbot Trojan’ and ‘Emotet’, were particularly prominent threats. Emotet, which functions as a downloader of other banking Trojans, cost state, local, tribal and territorial (SLTT) governments up to $1m per incident to remediate. In order to defeat such attacks, companies must deploy a robust ‘defence-in-depth’ approach, the report notes. Distributed Spam Distraction (DSD) and Business Email Compromise (BEC) attacks also became more prominent in 2018.

“The lines between hacking, cybercrime, and cyberwarfare are increasingly blurred now,” said Troy Gill, AppRiver’s senior cybersecurity analyst. “As a result, protecting small- and mid-sized businesses must be considered an integral part of our larger national cybersecurity posture. To be most effective, our strategy must be comprehensive, addressing vulnerabilities at all levels.”

Looking ahead, the report notes that internal ecosystem attacks will increase and attackers will employ more ‘bleeding-edge’ attack methods. The report notes that more advanced attack techniques will likely trickle down from the nation-state level to threaten more for-profit attacks against the public.

The rapid growth of the number of Internet of Things (IoT) devices will also create challenges, particularly as the lack of security being built into such devices will leave parties exposed.

Report: 2018 Global Security Report

©2001-2024 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.