comment on this article

What shaped the threat landscape in 2018?

Skybox Security, a specialist in cybersecurity management, has just published its latest Vulnerability and Threat Trends Report.

The report looks at the vulnerabilities, exploits and threats that were in play over the last twelve months and is intended to help guide organisations as they look to align their security strategy with the reality of the current threat landscape.

What immediately strikes you when reading the report is the number of new vulnerabilities published in 2018. The National Vulnerability Database (NVD) assigned 16,412 new CVEs, a 12-percent increase over the previous year, which itself was already at an all-time high.

However, Skybox Director of Threat Intelligence Marina Kidron said that these record-breaking figures should now be seen as the new normal.

“It would come as no surprise if 2019 breaks the CVE record again,” said Kidron. “The challenge of answering, ‘What do I fix today?’ is only getting harder — unless you have the right information to contextualize this mountain of data.”

The report suggests that it is no longer practical to ‘focus’ attention on all the likely threats that a business will face, rather companies should be identifying risks that could be exploited – otherwise resources will end up going to the wrong place.

Other findings of the report include risks to the growing attack surface, including operational technology (OT) networks. Attacks on OT were up 10-percent between 2017 and 2018 and while these attacks range in motive and their impact, the WannaCry outbreak in Taiwan Semiconductor Manufacturing Company showed how a cybercriminal tool like ransomware, nation-state threats and internal exposure can create the perfect storm to wreak havoc on a network, as well as its bottom line.

The report also warned of a false sense of security in cloud networks. While security of clouds is relatively strong, misconfiguration issues within them can still abound and security issues can arise within the applications used to manage such networks.

A number of examples can be given of attacks on cloud networks, but a notable one from 2018 targeted Tesla’s Amazon Web Services network. While attackers could have accessed a variety of information, they instead used the opportunity to launch a malicious cryptominer, pointing to a larger trend in the threat landscape of stealing computational power rather than data - cryptomining now account for 27 percent of all attacks.

The report concludes that incorporating threat intelligence in vulnerability management programmes will give organisations the edge they need if they are to have any chance of countering what is a fast moving, dynamic threat landscape.

Neil Tyler

Comment on this article

This material is protected by MA Business copyright See Terms and Conditions. One-off usage is permitted but bulk copying is not. For multiple copies contact the sales team.

What you think about this article:

Add your comments


Your comments/feedback may be edited prior to publishing. Not all entries will be published.
Please view our Terms and Conditions before leaving a comment.

Related Articles