Wednesday, March 28, 2018

Hunting trends

Do you know the term coolhunter? These professionals have a clear goal, to anticipate a fashion or trend in order to anticipate them and be the first to put them into practice. You need a very specific profile, innovative and visionary.

Like coolhunters, cybersecurity also has its hunters. Cofense is one of them and recently published Cofense Malware Review 2018. This document identifies the trends that defined the cyberattacks received during the year 2017 and based on them, the emerging trends are forecasted for the year 2018.

Looking back towards the past year, there are a number of cyber attacks that appear directly in your mind, but Cofense's study knows how to look further and focus on a series of attacks and its evolutions that are less visible that dramatically changed the landscape of the threats and that have marked the threats of 2018.

During the past year, cybercriminals have demonstrated their speed when exploiting vulnerabilities, but also to modifying malware. This gives them a remarkable ability to exploit attack surfaces, benefit from the proliferation of cryptocurrencies, the digital transformation of companies and their adaptation to the cloud.

The report is based on the collection of millions of data received from a wide range of sources, and it points to the crypto-industry like a rising trend that does not seem to decrease during the remainder of the year. In 2017 its appearance and increase was remarkable, millions of computers were infected and their processors used by armies of botnets of criptomining. This process reduces the efficiency of infected computers while generating coins for cybercriminals.

In 2017, it was also possible to detect a new trend in cyber attacks in which Microsoft Office is the main objective. Specifically, Office Macro scripts took the lead in Office-based attacks, making use of Windows-based interoperability functionality for malicious purposes. Cofense analyzed almost a hundred campaigns that abused Microsoft Office Object Linking and Embedding (OLE).

For all of us who are in direct contact with cybersecurity, we can not forget that ransomware has become one of the most dangerous types of attacks. The well-known Locky and Cerber ransomwares that appeared in 2016 continued to retain the encrypted files in 2017. At the same time, several prominent ransomware families emerged in the main phishing campaigns. In fact, five of the top ten malware varieties in the phishing email were new varieties of ransomware, demonstrating the desire of ransomware operators to evolve and survive. Many attackers require bitcoin as the preferred method of ransom payment, going so far as to provide victims with step-by-step payment instructions using their cryptocurrency of choice.

One of the ways to anticipate trends in the cybersecurity sector is to study the vulnerabilities that cybercriminals attacked in order to know where their interest is going. The training of the companies’ employees about cybersecurity trends becomes one of the best ways to combat them.


Post a Comment