Intelligent CIO Europe Issue 20 | Page 19

LATEST INTELLIGENCE CISCO CYBERSECURITY SERIES 2019 • THREAT REPORT FEBRUARY 2019 DEFENDING AGAINST TODAY’S CRITICAL THREATS A Defending against today’s critical threats PRESENTED BY s with driving, not only do you get a good look at what’s behind you, but you can often spot what’s coming up quick, set to overtake you. That’s the spirit of this threat report. We’ve picked out five key stories from the last year or so, not just because they were big events, but because we think these threats, or similar ones, could very well appear in the near future. Take modular threats like Emotet and VPNFilter, for example. These are threats that can deliver an on-demand menu of attacks and threats, depending on which device is infected or the intended goal of the attacker. We saw plenty of such modular threats in recent history and wouldn’t be surprised if we see more in the future. February 2019 Threat Report Download whitepaper here Email remains the darling delivery method of attackers, with threats from cryptomining to Emotet using it to spread. It’s also highly likely that other threats, such as unauthorised MDM profile, used it too. This highlights how critical it is to keep a close eye on what is coming in through your mailbox. www.intelligentcio.com Modus operandi Revenue generation continues to be a primary motivation for attackers: malware follows the money. Cryptomining threats, for instance, are laser-focused on this goal. Meanwhile, Emotet has pivoted to a threat distribution network, capitalising on a variety of options to make money. Data exfiltration has also taken its time in the spotlight. VPNFilter included the ability to exfiltrate data, among its many features. Emotet, beyond stealing network credentials to help it spread, was also seen spreading Trickbot, another popular infostealing banking trojan. Finally, some threats just want to watch the world burn, as is the case with Olympic Destroyer. We saw a number of threats like this in the last year, but none grabbed the headlines like an attack whose sole purpose appears to have been to disrupt the Winter Olympics. So, while we look back at some of the most impactful threats of 2018, it’s important to be mindful of what made these threats so successful. Many of them may be in the rearview mirror for now, but have you passed them, or are they speeding up to pass you and your security strategy? n INTELLIGENTCIO 19