Today’s critical threats: A Cisco Security threat report

February 21, 2019 | Views: 2723

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Author : Ben Nahorney

For more than a decade, Cisco’s security reports have been a definitive source of intelligence for security professionals interested in the state of the global industry. These comprehensive reports provided detailed accounts of the threat landscape and their organizational implications.

Today we are publishing our second report for 2019: Defending against today’s critical threats. This whitepaper looks back at the threat landscape over the past last year, highlighting some of the key cybersecurity incidents during that time frame. However, this isn’t just another retrospective report, fondly looking back at events that have already come to pass.

What we’ve done here is pick out five stories that, while they occurred in the recent past, could very well portend what is yet to come for the threat landscape. It’s as close as we can get to making predictions without reading too much into patterns in the digital tea leaves.

Take modular threats for example. These are highly adaptable threats, where different components can be downloaded and leveraged depending on the environment it finds itself in. Such threats have existed for a while, but two in particular have stood out recently.

The first is Emotet. This threat has been around for a few years, but has grown to become a threat distribution network and a force to be reckoned with. The threat’s modularity gives it the ability to change the payload depending on the circumstances.

Another example is VPNFilter—an IoT threat that hit a vast number of routers, likely compromising them by exploiting known vulnerabilities. This threat included a plug-in system that could extend its functionality, depending upon the environment it found itself in and the attackers intended goal.

Another key trend that we expect to continue into the near future is the use of email as a threat delivery vector. Email has been, and will likely continue to be, the most common method for distributing new threats. If you get email, you probably get malware delivered too. Emotet consistently relies on email campaigns to infect new computers, as does cryptomining and digital extortion campaigns (a topic we’ll soon cover in our Threat of the Month series).

And of course, we expect the primary modus operandi for threat actors will remain the same in the near future: money. From cryptomining to Emotet to ransomware, when you distill many threats down to their essence it’s all about the bad actors lining their pockets.

These are some of the trends we expect to see in the near future. Of course it’s impossible to predict everything that will occur, but the safest bets are usually the ones you most often come up against. Addressing those early can free up time to deal with the unexpected.

Download a copy of our first 2019 Threat Report, Defending against today’s critical threats today and start prepping for the things that are likely to come.

As seen on :

Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
1 Comment
  1. I hear a lot about email related threats but not a lot about airborne related threats.

    Lately, cellphones and computers all come equipped with bluetooth technology, as well as other forms of connectivity like proximity connectivity, etc.

    Usually, when consumers buy these devices, these services, like bluetooth are already turned on. With smart homes having IoT and hubs, etc., has there been an increase in intrusions with or from threats like Blue-borne, or bluetooth hacking, etc?

    in addition, with XBox unique way of being able to connect to computers unlinevother devices, are they being used along with Roqui devices with universal remotes to control devices in home to hack other devices?

    I am a victim and I was wondering if there are others, and I do appreciate the threat updates.

Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?