Phone Number +1-202-802-9399 (US)

ThycoticCentrify is now Delinea!

The Lockdown

Thycotic’s Cyber Security Blog

Symantec Internet Security Threat Report 2018: The Top Takeaways

Written by Joseph Carson

April 17th, 2018

It has been a very interesting past year with a few surprises along the way, but as expected cyber-crime grew significantly; financial impact was huge and many companies struggled to recover from cyber-attacks.

Cyber security—or the lack of it—is rapidly impacting everyone’s daily life and there is no longer a disconnect between personal and work life. In the past cyber-attacks were usually only a concern for the office, but today that is no longer the situation and cyber-attacks are commonplace, affecting everyone connected to the internet.

Cyber-attacks will be the biggest threat to every person and business on earth and will trigger future wars and political instability

The latest Symantec Internet Security Threat Report has been released and it reviews the state of cyber security across the globe.

Let’s take a look at some of the key takeaways from the report.

Ransomware is now a commodity

Of course ransomware was going to be top of the list—but who could have predicted both WannaCry or NotPetya?  WannaCry hit the world on May 12th and infected more than 230,000 systems in over 150 countries (causing havoc in the UK’s National Health Service) using the EternalBlue exploit that was part of the Vault7 leak from the U.S. National Security Agency (NSA) offensive tools. The impact was huge causing many disruptions around the world and highlighting the importance of patching systems with security updates.

Ransomware is now considered a commodity that no longer requires any significant technical expertise

The big change with ransomware in 2017 was that the ransom demand had dropped considerably from previous years and became easily accessible as a service. This means that ransomware is now considered a commodity that no longer requires any significant technical expertise and anyone with a computer and an internet connection can obtain ransomware and target a victim.  Ransomware is easily accessible to common criminals so we’ll see an increase in use.

Fewer ZERO days does NOT mean ZERO cyber-attacks

In 2017 zero-day attacks dropped out of use and preference for the cyber-criminal as it’s easier to simply target a victim using spear phishing attacks.  Humans have become the target and victims of cyber-crime. Spear phishing is now the number one infection vector, and email continues to be the number one delivery technique. Plus, it’s much easier to steal a trusted insider’s credentials and bypass traditional cyber security controls than it is to break through the firewall.

Cyber-criminals will continue to target identities and steal credentials in 2018.  4.5 billion identities were stolen in 2016. That’s more than everyone using the internet. And identity theft will increase because the more cyber criminals know the more they can influence us.

Cryptojacking is now the cyber-criminal’s alternative revenue stream

Yep, cyber criminals have now increased their income by expanding business opportunities.  Hacking and gaming during the day then mining cryptocurrencies at night.  When you’ve exhausted your own computer resources to mine bitcoins and other popular cryptocurrencies, why not exploit other unused computer resources around the world?  Coin-mining and cryptojacking are becoming more popular with cyber-criminals taking advantage of increased value of cryptocurrencies as well as the ability to stay anonymous.

This reminds me of the time many years ago when the famous screensaver SETI was being installed by millions of people to help in Search for Extra-Terrestrial Intelligence, and when computers where not being used, the software utilized the unused resources available.

Though in an interesting finding, those computers’ energy consumption went through the roof and this is going to be what we find with Bitcoin mining. When resources are hijacked organizations and governments will not only have a compromised device, but resources will cost them big in energy.

Supply chain is the easy path through the front door

I have a common saying in today’s ever-connected world and that is “You are only as secure as the people you keep around you.”

This also goes for your supply chain. Cyber-criminals are targeting the supply chain as the easiest path to compromise a target. It may not be the primary victim but can quickly become a secondary victim, usually because security is much lower and hackers often have multiple opportunities to gain privileged access to customers or partners.

This is highlighted in the Symantec Internet Security Threat Report which identifies software updates as a technique that hackers are using to compromise endpoints. Once a single endpoint is compromised it is usually only a matter of time before the unsuspecting victim walks into the corporate office and before you know it, it’s light outs—which is what happened a few years ago in Ukraine.

Don’t let your supply chain walk around your cyber security controls. It is extremely important to get in control of your privileged access.

Mobile and more mobile, and guess what? Yes, more mobile

The world has gone mobile and cyber criminals have shifted focus to targeting mobile devices more than ever, with Android being the common victim.  The biggest risk in mobile has not been with ransomware, like on other devices, but with data and privacy issues where the user’s sensitive information is being zapped across the world to a server in a country where “legal” is not even a word.  Be very careful about what you install and where you get your next app from as it could be stealing your password and or your identity.  So yes, mobile does not mean secure.

My conclusion

What is clear to me is that cyber security is imperative, more so now than any time in the past, with cyber-crime quickly overtaking traditional crime in almost every country globally.

Technology alone can’t protect your identity or sensitive information

Hackers and other threat actors target human beings, seeking ways to trick them into giving up vital information unknowingly. They do this because it’s the easiest way to get at valuable data in a process known as social engineering. So, it’s not surprising that exploited humans are the weakest link in the cyber security chain and yet the best hope for preventing a cyber security disaster.

We need to get the balance between people and technology right. In the cyber security industry, we have too much complexity so it is important that we make cyber security simple and therefore easier to use.  The future of cyber security lies in making it simple.

FREE Cybersecurity for Dummies ebook

FREE Cybersecurity for Dummies ebook

Show your employees how to protect themselves and your organization


Like this post?

Get our top blog posts delivered to your inbox once a month.