Navigating Today’s Threat Landscape

Navigating Today’s Threat Landscape

By Charles Cooper

The exact tally won’t be known for several more months but preliminary reports and anecdotal evidence suggest that the number of cyberattacks this year may well surpass 2016. That year, cybercrime cost the global economy over $450 billion and led to the theft of over 2 billion personal records.

Coming into 2017, the expectation was that malicious hackers, cybercriminals and nation-state actors would continue to launch more innovative attacks — and the bad guys have not disappointed. Since the beginning of the year, attackers have demonstrated persistence and cleverness in their efforts to outwit their victims. In fact, Accenture says that the appearance of more viral variants this year has set a new bar for cybersecurity teams across all industries.

In other words, there’s no rest for the weary when it comes to cyberdefense. Let’s take a closer look at some of the highlights to date.

Wikileaks CIA Vault 7

In March, WikiLeaks published nearly 9,000 documents — known as the “Vault 7” dump — that it said revealed the CIA’s hacking arsenal, including revelations about iOS and Android vulnerabilities, Windows bugs and the capability of turning certain smart TVs into listening devices. How Wikileaks obtained the information is unknown. But a word to the wise: If an organization with the technical sophistication of the CIA can be hacked, so can yours.

Eternal Blue

The hacking group that goes by the name Shadow Brokers released spy tools it claimed to have stolen from the National Security Administration, including a Windows exploit called EternalBlue that would feature in subsequent ransomware attacks.

WannaCry

WannaCry struck in mid-May and spread rapidly around the world. The attack crippled more than 300,000 Windows systems, wreaking havoc in some hospitals and international businesses. In March, Microsoft released the MS17-010 patch for the bug. The speed with which the attack ricocheted around the globe testified to the fact that not only were many organizations still using older versions of Microsoft Windows, but that they were remiss when it came to basic security hygiene.  WannaCry re-emerged in August when LG Electronics said it was forced to shut down some systems after finding the ransomware on a self-service kiosk in South Korea.

Petya/NotPetya

Soon after, the ransomware Petya/NotPetya grabbed control of computers around the world, demanding ransom from their owners. Among its victims, Ukrainian agencies and companies, as well as global organizations.   

And then there are the oldies but goodies as attackers predictably went back to what has worked for them in the past.

Targeted emails apparently figured in ongoing attacks against companies that operate nuclear power stations and other energy facilities. The New York Times reported that the emails contained malware-laced fake résumés. The malware would spread once recipients clicked on the Word attachments, allowing attackers to steal user credentials.

None of this should phase security practitioners. It’s just the latest stage in a protracted back-and-forth battle. But it’s also a clear signal that organizations shouldn’t let down their guard.

Charles Cooper has covered technology and business for the past three decades. All opinions expressed are his own. AT&T has sponsored this blog post.