Each year, a team of Webroot analysts and threat researchers take a look back at some of the most salient cyber threat trends to emerge over the previous year. With more than 40 million licensed endpoints and a threat intelligence platform capable of integrating information from billions of URLs, domains, IP addresses, files, and mobile apps, Webroot has the capacity to dive deep into the real-world threat landscape.
Here are five clear trends we saw emerge over the course of 2017.
1. Phishing Attacks: End Users Are Taking the Bait
A report released by Verizon in 2017 contained some shocking statistics concerning success rates for phishing attacks. Webroot’s research points to why.
While more than 1.5 million phishing attacks were carried out over the course of the year, most of the sites they directed to were live for no more than eight hours. IP masking and frequently changing domain names to evade static lists were favored techniques for covering hackers’ tracks. This serves as a reminder that static lists are all but completely ineffective at protecting against phishing attacks, and user education is increasingly important for successful threat prevention.
2. Static Malware is the Exception. Polymorphism is the Rule.
Static lists were once the preferred method of keeping known malicious files from being downloaded onto machines. However, polymorphism’s popularity has retired static lists as a workable way of defending against malware. Tiny variations in malware binaries, ones that otherwise do not change their core functions, now prevent now these lists from reliably filtering out threats. Of the hundreds of millions of executable files Webroot analyzes each year, all but 6 percent of malicious executables were polymorphic. This serves to reinforce the lesson learned from modern phishing attacks: static lists belong to a bygone era.
3. Crypto Craze Drives the Rise of CPU Theft
The best cons leave their marks blissfully unaware they’ve just been hit. Or so we’ve read on the internet. Obliviousness happens to be an additional benefit of a tactic gaining popularity among cybercriminals recently.
Cryptojacking involves hijacking the computing power of a machine and reassigning it to the task of cryptomining, the process of adding transactions to a blockchain leger in exchange for a small transaction fee. Over time, these efforts can lead to steady returns on little effort for cryptojacking operations.
Want to know which cryptocurrency was most popular among cryptojackers? Download the report to learn more.
4. Ransomware Attacks Made Millions in 2017. And They’re Unlikely to Stop Soon.
The year 2017 was a big one for ransomware, a particular type of malware that locks a user’s files or hardware to extort a ransom. Two attacks in particular, WannaCry and NotPetya, infected more than 200 thousand devices in more than 100 countries for more than $4 billion in losses—all in under 24 hours.
While both attacks were widely discussed and among the most damaging in history, NotPetya was especially nefarious for its intent to damage infrastructure as well as soliciting a ransom. Ransomware attacks, especially successful ones, tend to be high-profile affairs. With a slew of them already grabbing headlines in a still-young 2018, they’re bound to continue being a favored tool of hackers in the year ahead.
5. Use Protection When Mobile Banking or Risk Spreading Viruses
The total number of smartphone users is expected to eclipse the 2 billion mark by 2019. The coming year will undoubtedly see mobile devices increasingly within the crosshairs of hackers. Malicious apps are the preferred method for hacking smartphones by a large margin. Webroot has analyzed more than 62 million mobile apps to date, and found a concerning 32 percent of those analyzed in 2017 to be malicious in nature.
What’s the most common type of malware delivered via malicious app? Download the full 2018 Webroot Threat Report to find out.
Handpicked for you:
By Lily Teplow
By Brian Downey
By Dave LeClair