2019 Security Threat Landscape and Trends

Based on data gathered and analyzed by major security companies in 2018 and the early months of 2019, some interesting trends have been observed.

Decline of ransomware attacks?

While ransomware appeared to be less of a problem in 2018, it became more focused and sophisticated. Although major ransomware onslaughts are expected to subside further in 2019, new ransomware strains continue to emerge as malware hackers turn to more targeted attacks, and companies still fall victim to ransomware.

Cyber criminals employ agile development, artificial intelligence, UPnP and Tor functionalities, which make the threats harder to detect, more resilient and more difficult to eradicate. Continued innovation in tactics and techniques has been seen, particularly with the Emotet and Trickbot epidemics in 2018.

Gone phishing on high risk URLs

Phishing continues to be a major threat, now targeting online giants like Amazon, Netflix and Target in hopes of exploiting the human weakness of reusing the same passwords, so that criminals can compromise other accounts such as online banking.

Here are some alarming stats. The number of phishing sites per day, in particular, more than doubled over the course of 2018. The number of botnets fluctuated and spiked in October/November last year, likely due to attacks by the Emotet banking trojan. Some fluctuations in the level of activity are due to seasonal factors, such as the fact that attacks ramp up during the holiday shopping season.

Is your hardware working overtime cryptomining?

Rogue actors continue to innovate and combine attack methods for maximum results by pivoting from one attack vector to another, with monetization being the end goal.

Hacker operations have evolved from a smart kid in the basement into criminal enterprises with go-to-market strategies, laser-focused on quick ROI. As a result, cryptojacking and cryptomining surpassed ransomware in volume, providing quicker paths to profit than extorting ransom, despite dramatic fluctuations in the value of cryptocurrency.

This trend will likely continue to dominate the landscape, with perhaps 50% of all attacks leveraging hardware in user devices enslaved to mine cryptocurrency.

Unpatched hardware and IoT in crosshairs

There has been a notable increase in router and IoT targets in 2019. Over 415K MikroTik routers around the world were hijacked to mine the Monero cryptocurrency.

Small businesses and home users are very vulnerable because their routers serve as the hubs for networks and smart home devices (IoT), yet most users have neither the visibility nor the wherewithal to see what these devices are doing behind the scenes. Meanwhile, hackers can learn a lot about a user’s environment, redirect URLs, inject cryptojacking scripts and carry out man-in-the-middle attacks.

How to protect yourself?

The real-life data collected and analyzed by major cybersecurity vendors in recent months emphasizes the value of multi-layered security defenses that stay up to date with the latest threats and trends making up today’s cyber security landscape.

Keep your networking gear up to date by checking with the manufacturer and support vendors for the most recent security patches and firmware updates. If the networking hardware is no longer updated, it’s likely time to seek alternatives.

Almost half of malicious URLs were on good domains, and users can’t easily discern whether the destination is benign or malicious. This trend is expected to continue through 2019. To protect users, solutions need URL-level awareness or better domain-level metrics that accurately detect the dangers.

High-risk IP addresses continue to be recycled, with hundreds of thousands appearing on the blacklist numerous times. While the majority are spam sites, a significant portion are botnets and scanners. Dynamically updated IP address lists coupled with contextual analysis continue to be the best way to deal with risky IP addresses.
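The following sketch is an added illustration, not code from any vendor mentioned here. It contrasts a point-in-time blacklist lookup with a history-aware check that keeps flagging a recycled address after it drops off the list. The feed entries, category weights, 90-day window and threshold are all assumptions made for the example.

```python
from datetime import datetime, timedelta

# Constructed feed history: (ip, category, listed, delisted or None if still listed).
# Addresses are RFC 5737 documentation ranges; every value here is made up.
FEED = [
    ("192.0.2.10",   "spam",    "2019-01-02", "2019-01-09"),
    ("192.0.2.10",   "botnet",  "2019-02-01", "2019-02-05"),
    ("192.0.2.10",   "botnet",  "2019-03-10", None),
    ("198.51.100.7", "spam",    "2018-06-01", "2018-06-03"),
    ("203.0.113.5",  "scanner", "2019-03-01", "2019-03-04"),
    ("203.0.113.5",  "scanner", "2019-03-12", "2019-03-14"),
]
WEIGHT = {"spam": 1, "scanner": 2, "botnet": 3}  # assumed severity per category
WINDOW = timedelta(days=90)                      # assumed look-back period
REPEAT_THRESHOLD = 4                             # assumed score for a repeat offender


def _day(text):
    return datetime.strptime(text, "%Y-%m-%d")


def currently_listed(ip, now, feed=FEED):
    """Static snapshot view: is the address on the list at this moment?"""
    now = _day(now)
    return any(a == ip and _day(s) <= now and (e is None or _day(e) > now)
               for a, _, s, e in feed)


def assess(ip, now, feed=FEED):
    """History-aware view: returns (verdict, score) from listings inside WINDOW."""
    today, score = _day(now), 0
    for addr, category, listed, delisted in feed:
        if addr != ip or _day(listed) > today:
            continue                      # other address, or listing not yet published
        ended = _day(delisted) if delisted else None
        if ended is not None and ended <= today and today - ended > WINDOW:
            continue                      # listing expired too long ago to matter
        score += WEIGHT[category]
    if currently_listed(ip, now, feed) or score >= REPEAT_THRESHOLD:
        return "block", score
    return ("challenge", score) if score else ("allow", score)
```

On 2019-03-15 the constructed address 203.0.113.5 is no longer listed, so a snapshot lookup would let it through, while the history-aware check still blocks it because it was listed twice within the window.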

Since the end user is typically the weakest link as well as the last line of defense, security awareness training plays a key role in the overall security strategy.

Because phishermen change their techniques and hooks from month to month, security awareness training needs to keep pace with those changes and incorporate them into simulations and related training.

Studies have shown some interesting data about awareness training. For example, users are 70% less likely to fall for phishing campaigns after participating in training for one year.
