Symantec held an exclusive briefing on the newly-released 2019 Symantec Internet Security Threat Report. In this article, we will share with you the full briefing video, as well as highlights from that Symantec cybersecurity report!
The 2019 Symantec Internet Security Threat Report
The 2019 Symantec Internet Security Threat Report is the 24th volume published so far. Based on data from Symantec’s Global Intelligence Network, the ISTR is designed to give businesses and the public an overview of the cybersecurity threat landscape.
The Symantec Global Intelligence Network, incidentally is the world’s largest civilian cybersecurity threat intelligence network. It records events from 12 million attack sensors across more than 157 countries worldwide, blocking 142 million threats every day.
The 2019 Symantec ISTR Briefing Highlights
Briefing us on the 2019 Symantec ISTR was Sherif El-Nabawi, Vice-President of Sales Engineering, Symantec APJ; and David Rajoo, Chief Cybersecurity Architect, Symantec ASEAN.
Diminishing Returns Of Ransomware + Cryptojacking
Ransomware, which encrypts and holds data hostage in return for payment in the form of cryptocurrency, has been hit by declining cryptocurrency values as well as increasing adoption of cloud and mobile computing. This led to a 20% drop in infections.
Cryptojacking, in which malware is used to steal computing power from consumers and enterprises to mine cryptocurrency is similarly hit by the drop in cryptocurrency value. Symantec noted that cryptojacking activity declined by 52% in 2018. Even so, it is still a major problem – they blocked 3.5 million attempts in December 2018 alone!
Formjacking Overtakes Ransomware + Cryptojacking
With diminishing returns from ransomware and cryptojacking, cybercriminals now prefer formjacking.
Formjacking is basically a form of virtual ATM skimming. They basically inject malicious code into an online shopping site to steal shoppers’ payment card details.
According to Symantec, more than 4,800 websites are compromised with formjacking code every month, and they blocked more than 3.7 million formjacking attacks on endpoints in 2018.
Generally, small and medium retailers are most widely compromised, and a third of the attacks happened during the business online shopping period of the year – from November through December.
Cloud Is The New Weak Point
With the greater adoption of cloud computing, the same security mistakes are happening in the cloud… with exponentially greater consequences. In 2018, more than 70 million records were stolen from poorly-configured AWS S3 buckets.
Hardware vulnerabilities like Meltdown, Spectre and Foreshadow also put cloud services at risk of being exploited to gain access to every protected memory space in the compromised server. In a single server, data from hundreds of companies could be stolen by a single exploit.
Living off the Land Attacks On Supply Chain
Supply chain attacks using Living off the Land (LotL) tools have increased by 78% in 2018. For example, the use of malicious PowerShell scripts increased by 1,000 percent last year, with Symantec blocking 115,000 of them each month – less than 1%.
These attacks are hard to defend against, because they use the same tools users and organisations need to function. Identifying and blocking them will require the use of advanced detection methods like analytics and machine learning.
Internet of Things (IoT) Attacks Are Changing
While the volume of attacks of IoT devices remains high and consistent with 2017 levels, their profiles are changing. In addition to routers and wireless cameras, attacks now have access to smart light bulbs and virtual voice assistants.
Smartphones Are The Greatest Spying Devices
According to Symantec, smartphones are the greatest spying devices ever created. Their research show that :
- 45% of the most popular Android apps and 25% of the most popular iOS apps request location tracking,
- 46% of popular Android apps and 24% of popular iOS apps request permission to access the smartphone camera, and
- email addresses are shared with 44% of top Android apps and 48% of top iOS apps!
- Google Password Checkup Guide – Read Before You Install!
- FB Messenger, Instagram + WhatsApp Integration Clarified!
- Kaspersky Lab Warns Of Malicious Cryptocurrency Mining!
- Kaspersky Lab Tips On Staying Safe While Shopping Online!
- The Kaspersky Global Transparency Initiative Explained!
- Eugene Kaspersky Interview Exclusive : No Kremlin Ties!
Go Back To > Cybersecurity | Home