We would like to keep you up to date with the latest news from Digitalisation World by sending you push notifications.
Digital Newsletter
Each week our editor Phil Alsop rounds up the most popular articles, videos and expert opinions. We compile this into a Digital Newsletter and send it straight to your inbox every week.
Digital Magazines
We'll let you know each time a new edition of Digitalisation World is released so that you're always kept up-to-date with the latest and greatest news and press releases.
Video Magazines
The Digitalisation World Video magazine contains the latest Zoom interviews with experts in the industry.
While a couple of high profile breaches stole the spotlight in 2017, Cofense’s global security team uncovered a number of less visible evolutions that dramatically changed the threat landscape and continue to pose threats. Malicious actors demonstrated how quickly they could exploit recently disclosed vulnerabilities, change how they use or modify malware, and how swiftly they could profit from new attack surfaces – including the proliferation of cryptocurrencies and the enterprises moving to cloud platforms.
Based on the analysis of millions of messages received daily from a wide range of sources, the report details notable insights on phishing-specific threats seen in 2017 and what is to come, including:
· The proliferation of cryptominers. 2017 saw the rise of cryptominers infiltrating computers via phishing emails and recruiting of victims’ computers for their armies of cryptomining botnets. The compromised computers perform cryptocurrency mining to generate currency for the threat actors while reducing the efficiency of infected computers.
· Surge in abuse of business-critical platform features. Office Macro scripting took the lead in Office-based attacks (almost 600 campaigns analyzed), making use of Windows-based interoperability functionality for malicious purposes. Cofense analysed nearly a hundred campaigns that abused Microsoft Office Object Linking and Embedding (OLE).
· Massive amount of new ransomware campaigns. While 2016’s Locky and Cerber ransomware continued to hold encrypted files hostage in 2017, several prominent new ransomware families also emerged in major phishing campaigns. In fact, five of the top ten new malware varieties in phishing email were new ransomware varieties, demonstrating ransomware operators’ drive to evolve and survive. Many attackers require bitcoin as the preferred method of ransom payment, going as far as providing the victim step-by-step payment instructions using their cryptocurrency of choice.
· The opportunism of disclosure. Threat actors quickly took advantage of disclosed or leaked vulnerabilities. After Microsoft Office’s Dynamic Data Exchange (DDE) abuse technique was disclosed by a security researcher, Cofense observed exploits across various malware utilities just a week later.
“Understanding what vulnerabilities malicious attackers took advantage of yesterday is critical when preparing for the threats of tomorrow,” said Aaron Higbee, Co-Founder and CTO at Cofense. “As delivery methods evolve daily and malware innovations accelerate, timely attack intelligence is critical and must extend across organisations. Now is the time for every inbox to be a sensor and every employee to be a security evangelist that can trigger organisation-wide security orchestration to break the attack kill chain at delivery.”
Looking ahead, the report finds that ransomware attacks will continue to develop, including more ransomware operators engaging in negotiations and the diversification in types of cryptocurrencies demanded. The financial success of ransomware campaigns proves that crime does pay for malicious actors looking for fast profitability. The report also predicts cloud services will grow as an attack surface and we’ll continue to see the development of more enhanced malware delivery attacks.
