omidomi
Level 71
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Forum Veteran
The threat landscape in 2016 is almost completely unrecognisable from that of ten years ago. Today’s landscape is populated by actors who are well resourced, highly determined and increasingly sophisticated, not to mention motivated by anything from ideology (hacktivists and cyber terrorists), geopolitical gain (state-sponsored hackers) or, most popularly, money. While there are still the worms and viruses of old popping up, most cyber criminals have all but abandoned these vectors in favour of more targeted, covert and successful attacks.
Targeted attacks and Advanced Persistent Threats (APTs) first surfaced publically in around 2010, when the so-called Operation Aurora attacks on Google and others foreshadowed the firm’s exit from China. Stuxnet quickly followed and suddenly the floodgates were open. Typically beginning with a “spear phishing” email or social media message using social engineering techniques, malware is the triggered to download onto the system. The malware will quietly load in the background without the user’s knowledge, escalating privileges inside the network until it finds the data it’s looking for. Attackers spend time researching their targets on the internet to hone their phishing lures, and are increasingly zeroing in on IT administrators, whose privileged accounts will give them unlimited access. They also spend time researching possible vulnerabilities on the system so that the malware can bypassing existing defences.
The cybercriminal underground that sits beneath all of this on the “Dark Web” of anonymisation networks like Tor and I2P and private forums is a immense, enigmatic beast. Estimates have put its size between 4-500 times the size of the “surface” web. There cybercriminals buy and sell stolen credit cards, identities, exploit kits and other attack tools which have democratized the ability to launch sophisticated targeted campaigns.
The fact that enterprises are now hugely more exposed to such threats through a flood of new vulnerabilities appearing every month, and through an explosion of new cloud services and applications, makes the bad guys’ jobs even easier. That organisations have to secure these increasingly complex environments with minimal budget is just the icing on the cake. Yet the stakes are higher than ever. The average cost of a data breach stood at $3.79m in 2015, up 23% in just two years. The repercussions are immense: loss of brand and shareholder value, damage to customer loyalty, legal costs, financial penalties, and remediation and clean-up costs to name but a few. Target claimed in Q2 2014 alone that losses related to its massive breach totalled $148m, a staggering amount but one that just begins to scratch the surface.
Targeted attacks and Advanced Persistent Threats (APTs) first surfaced publically in around 2010, when the so-called Operation Aurora attacks on Google and others foreshadowed the firm’s exit from China. Stuxnet quickly followed and suddenly the floodgates were open. Typically beginning with a “spear phishing” email or social media message using social engineering techniques, malware is the triggered to download onto the system. The malware will quietly load in the background without the user’s knowledge, escalating privileges inside the network until it finds the data it’s looking for. Attackers spend time researching their targets on the internet to hone their phishing lures, and are increasingly zeroing in on IT administrators, whose privileged accounts will give them unlimited access. They also spend time researching possible vulnerabilities on the system so that the malware can bypassing existing defences.
The cybercriminal underground that sits beneath all of this on the “Dark Web” of anonymisation networks like Tor and I2P and private forums is a immense, enigmatic beast. Estimates have put its size between 4-500 times the size of the “surface” web. There cybercriminals buy and sell stolen credit cards, identities, exploit kits and other attack tools which have democratized the ability to launch sophisticated targeted campaigns.
The fact that enterprises are now hugely more exposed to such threats through a flood of new vulnerabilities appearing every month, and through an explosion of new cloud services and applications, makes the bad guys’ jobs even easier. That organisations have to secure these increasingly complex environments with minimal budget is just the icing on the cake. Yet the stakes are higher than ever. The average cost of a data breach stood at $3.79m in 2015, up 23% in just two years. The repercussions are immense: loss of brand and shareholder value, damage to customer loyalty, legal costs, financial penalties, and remediation and clean-up costs to name but a few. Target claimed in Q2 2014 alone that losses related to its massive breach totalled $148m, a staggering amount but one that just begins to scratch the surface.
