Reviewing the threat landscape over the past year, we have highlighted some of the key cybersecurity incidents that occurred.
While these instances have occurred in the recent past, they indicate what is yet to come.
1. Modular Threats
These are highly adaptable threats, where different components can be downloaded and leveraged independently, depending on the environment in which it is found.
The first example of a modular threat is Emotet, which expertly worms itself through an organization's network, infecting as many workstations as possible. It then uses advanced mechanisms to hide itself and evolve in order to increase payloads or avoid detection.
VPNFilter is a modular IoT (Internet of Things) threat that has hit a vast number of routers. Using the default admin credentials to a router, VPNFilter performs a man-in-the-middle attack, downloading additional agents and capturing information communicated using these affected routers.
2. Threat Delivery via Email
Email has been, and will likely continue to be, the most common method for distributing new threats. If you get email, you probably get malware delivered too. Newly developed malware, ransomware, and other threats rely on email to distribute their attacks to a wide range of recipients.
It comes as no surprise that the primary motivator for carrying out these attacks is money. From cryptomining to Emotet to ransomware, when you distill many threats down to their essence, it's all about the bad actors lining their pockets.
While it's impossible to predict exactly what to expect from these bad actors moving forward, it is possible to read a page from their playbook and use this knowledge to protect your organization now.
Contact SSVA to discuss implementing the necessary protections for your business.