Actu
Blueliv Annual Cyberthreat Report advises increased intelligence sharing and cross-industry collaboration
March 2018 by Blueliv
Blueliv has released its Annual Cyberthreat Report, compiling actionable intelligence from Threat Compass with expert insight from its analyst team. The report found that malware variants previously focused on the financial sector are now successfully attacking non-banking targets too, concluding that a higher level of collaboration and intelligence-sharing between industries is ever-more crucial in the fight against cybercrime.
As the ‘public profile’ of cybercrime continues to increase, enterprises are encouraged to look at how they keep their businesses and customers safe by sharing intelligence, best practice and defense measures.
Ramon Vicens, CTO, Blueliv, commented, “When cyberattacks in one industry make headlines, organizations in other industries start to take notice. And when other organizations take notice and start taking proactive steps to strengthen their security posture, that is good news for all of us: the fight against cybercrime is a collaborative effort.”
The Blueliv Annual Cyberthreat Report reflects on notable cybersecurity incidents in 2017 to make informed predictions about the current state of play and areas which require immediate attention in the coming months. Trends identified in the report include:
• Attacks are discriminating much less by sector than in previous years. Any company holding PII is a target
• Corporate intrusion in one industry will have a positive effect on other industries in terms of strengthening security posture
• GDPR will mark a fundamental shift for organizations, but also for the bad guys: even the threat of a reported data breach will become increasingly lucrative
• AI-powered attacks are increasing in scope and complexity, reflecting advances in AI-powered cyberdefense
• Self-spreading ransomware which grabbed the headlines in 2017 will be overtaken by cryptojacking attacks
Other key findings include an overview of increased malware sophistication, with improved complexity, encryption, obfuscation and lateral movement techniques used by adversaries. These advances are put into context through an analysis of major data breaches and their implications for the organizations involved and the world at large. The report concludes with guidance around what organizations should be doing to protect themselves.
to resume:
Malware advances no longer focused on ‘traditional’ enterprise targets as cybercriminals expand their scope
• Almost 2 billion exposed credentials detected
• 140% increase in TOR domains used as crimeservers 2016-2017
• 2 million stolen credit card details found, 40% of which from four major American banks
• Improved malware complexity, obfuscation and lateral movement techniques
• Variants of Trickbot the most commonly used webinject detected
