Every year, Webroot analysts and threat researchers take a look at the cyber threat trends that have emerged over the previous year. Because they protect more than 40 million endpoints and have a threat intelligence platform capable of integrating information from billions of URLs, domains, IP addresses, files, and mobile apps, Webroot has the capacity to dive deep into the real-world threat landscape.
Their observations should be uppermost in business owners minds as they access the threats that their business face.
1. Phishing Attacks: End Users Are Clicking
A report released by Verizon in 2017 contained some shocking statistics concerning success rates for phishing attacks. Webroot’s research points to why.
While more than 1.5 million phishing attacks were carried out over the course of the year, most of the sites they directed to were live for no more than eight hours. IP masking and frequently changing domain names to evade static lists were favored techniques for covering hackers’ tracks. This serves as a reminder that static lists are all but completely ineffective at protecting against phishing attacks, and user education is increasingly important for successful threat prevention.
2. Static Malware is the Exception. Polymorphism is the Rule
Static lists were once the preferred method of keeping known malicious files from being downloaded onto machines. However, polymorphism’s popularity has retired static lists as a workable way of defending against malware. Tiny variations in malware binaries, ones that otherwise do not change their core functions, now prevent now these lists from reliably filtering out threats. Of the hundreds of millions of executable files Webroot analyzes each year, all but 6 percent of malicious executables were polymorphic. This serves to reinforce the lesson learned from modern phishing attacks: static lists belong to a bygone era.
3. Crypto Craze Drives the Rise of CPU Theft
The best cons leave their marks blissfully unaware they’ve just been hit. Or so we’ve read on the internet. Obliviousness happens to be an additional benefit of a tactic gaining popularity among cybercriminals recently.
Cryptojacking involves hijacking the computing power of a machine and reassigning it to the task of cryptomining, the process of adding transactions to a blockchain leger in exchange for a small transaction fee. Over time, these efforts can lead to steady returns on little effort for cryptojacking operations.
4. Ransomware Attacks Made Millions in 2017. And They’re Unlikely to Stop Soon.
The year 2017 was a big one for ransomware, a particular type of malware that locks a user’s files or hardware to extort a ransom. Two attacks in particular, WannaCry and NotPetya, infected more than 200 thousand devices in more than 100 countries for more than $4 billion in losses—all in under 24 hours.
While both attacks were widely discussed and among the most damaging in history, NotPetya was especially nefarious for its intent to damage infrastructure as well as soliciting a ransom. Ransomware attacks, especially successful ones, tend to be high-profile affairs. With a slew of them already grabbing headlines in a still-young 2018, they’re bound to continue being a favored tool of hackers in the year ahead.
5. Use Protection When Mobile Banking or Risk Spreading Viruses
The total number of smartphone users is expected to eclipse the 2 billion mark by 2019. The coming year will undoubtedly see mobile devices increasingly within the crosshairs of hackers. Malicious apps are the preferred method for hacking smartphones by a large margin. Webroot has analyzed more than 62 million mobile apps to date, and found a concerning 32 percent of those analyzed in 2017 to be malicious in nature.
See how easily your company can secure itself
Just click the button below, tell us who you are, how to reach you, and a couple of dates that work for your calendar. We’ll email or call to confirm shortly.
Reserve Your Appointment Now!