Symantec recently released the 23rd volume of its Internet Security Threat Report (ISTR), in which it highlights the diverse threat landscape facing organizations and the fact that threats are continuously looking for new ways to attack.
The report finds that coin-mining malware attacks have gone through the roof. Compromising an organization through its software supply chain is an increasingly popular attack vector, with targeted attacks up by 10%.
Few enterprises would have heard of cryptojacking at the beginning of 2017, evidence that the threat landscape is continually evolving and a point-in-time assessment is always going to be inadequate. Instead, organizations must be constantly aware of the evolving threat landscape to support the best possible security posture.
Mining cryptocurrency can be big business, with organizations and individuals alike doing this to generate income, some legitimately and some not. The Symantec report notes that the consequence of the huge spike in cryptocurrency values toward the end of 2017 was an 8,500% rise in coin mining (attackers moved from ransomware to cryptojacking to make money). Yet many organizations remain unaware of cryptojacking and its impact.
In 2017 Symantec saw a 200% increase in incidents where attackers injected malware implants into the software supply chain to infiltrate organizations. Despite keeping its own house in order in terms of security, an organization can still be compromised via the software in use throughout its supply chain.
Cyber espionage, financial gain, and enterprise disruption are noted by Symantec as the top three motives for the 10% increase in targeted attacks in 2017. It’s evident that threats are still using well-known methods of attack as well as looking for new vectors, with 71% of all targeted attacks originating with spear phishing.
This report should serve as a wake-up call to many organizations. There is a great deal of misplaced optimism among enterprises that they are better prepared than their counterparts when it comes to knowing what attacks might happen, preventing an attack, detecting an attack, and dealing with an attack. This Symantec report puts paid to this optimism, and across all sectors, enterprises must improve their security controls to deal with the continuously evolving threat landscape.
Symantec’s Internet Security Threat Report should serve as a wake-up call, INT003-000132 (April 2018)
Maxine Holt, Research Director, Infrastructure Solutions