5 cyber threats to be aware of in 2018
You don’t need to be a cybersecurity expert to know that cybercrime is a growing problem, not only in healthcare, but across all industries. To examine the issues further, we’ve pulled out some key findings from Symantec’s 2018 Internet Security Threat Report, and listed five threats that organizations should be aware of in 2018 and beyond.
- Ransomware becoming a commodity
Ransomware attacks have steadily increased year-over-year since 2013, hitting a record high of 1,271 detections per day in 2016. Ransomware detections failed to break that record in 2017, but levels remained high nonetheless. The potentially high profitability of ransomware activity in 2016 led to a crowded marketplace, with more and more cybercriminals utilizing ransomware as means of making a quick buck. However, in 2017, the ‘market’ shifted quite significantly – with the average ransom demand dropping to $522, less than half of what is was the previous year.
- Coin mining attacks explode
The rise in cryptocurrency values in 2017 inspired an influx of cybercriminals to utilize coin mining as an alternative revenue source. This coin mining “gold rush” resulted in a massive 8,500 percent increase in coin-miner detections on endpoint computers in 2017.
While the immediate impact of coin mining appears to be performance related—slowing down devices, overheating batteries, and rendering devices unusable—the implications are usually much worse, particularly for organizations. Corporate networks are at risk of being completely shutdown and there may also be financial implications for organizations who find themselves being billed for cloud CPU usage by coin-miners.
The report predicts that coin-mining attacks are likely to continue into 2018 and beyond, and attackers will become more heavily invested in their discovery of more creative and efficient forms of attack.
- Increase in software supply chain attacks
Last year saw a sharp spike in the number of attackers injecting malware into supply chains and software updates to gain entry and infiltrate unsuspecting organizations, with a 200% increase in these types of attacks, occurring at an average of once per month. The Petya outbreak was the most notable example in 2017 of a seemingly well-protected target becoming compromised via a variety of methods spread through corporate networks.
- Mobile malware continues to surge
Threats in the mobile space continue to grow year-over-year, with the number of new mobile variants of malware increasing by 54% in 2017 compared to the previous year. In addition, an average of 24,000 malicious mobile apps were blocked every day. Grayware (troublesome risks from apps that aren’t necessarily malicious) is also becoming a more prevalent issue, increasing by 20% in the last year.
Mobile devices continue to be plagued by their own poor security, with default passwords, outdated operating systems, and unpatched vulnerabilities all too common. The report makes note of the fact that while the number and severity of mobile threats is on the up, the issue is only being amplified by the number of devices running on out of date operating systems – just 20% of Android devices – for example – are on the latest software version.
- Fewer zero days cannot mask rise in targeted attacks
In 2017, the number of zero-day attacks dropped (hackers exploiting a vulnerability on the same day that it is discovered, giving developers zero days to find and fix it), with just 27% of the 140 targeted attack groups that Symantec tracks having been known to use zero-day vulnerabilities at any point in the past.
Instead, more cybercriminals are seeking to attack and infiltrate organizations with targeted activity, motivated primarily by intelligence gathering. Spearphishing is the number one infection vector, employed by 71% of organized groups in 2017, and email continues to be the number one delivery technique.
Avoiding cybersecurity risks in 2018
The Internet Threat Report is yet another stark reminder that digital security threats can come from new and unexpected sources, and at any moment. Not only is the sheer volume of threats increasing, but attackers are becoming more productive in their work to seek new, more malicious avenues of attack, with increasingly more devastating outcomes for their victims. It has never been more important for organizations of all sizes to implement robust company-wide cybersecurity defenses and work toward developing a culture of security and compliance.