Understanding the threats that are evolving in your environment is an important part of a cyber security strategy. Unraveling the methods and tools that have been used in recent cyber attacks will help your organization to better understand and protect against a possible threat.
As well as understanding the tools used in an attack it's also important to take a look at the motivations behind an attack. Many criminals are looking for financial gain from an attack, using ransomware as way of getting a victim or organization to pay to regain access to their files. Other motivations include espionage and ideological, where attacks are used to gain access to political or military information.
We've taken a look at some of the biggest attacks to have happened in recent months and how they're shaping the threat landscape.
Recent cyber attacks can be split into three area of motivation, as shown in the figure below.
In September 2017, the UK branch of Equifax revealed that up to 400,000 people in the country “may” have been affected by the giant security flaw in the US. A flaw in the American firm’s systems left the data of a potential 143 million people exposed and numerous PII had been exposed.
The WannaCry ransomware attack was possibly the most well known attack to have happened in 2017. A financially motivated attack, it brought down much of the NHS, and other organizations in 150 countries. It hit the headlines in May 2017 and is estimated to have financial losses around the $4 billion mark.
US Democratic Party
An ideologically motivated attack, a member of the Clinton administration was targeted by Russian APTs, and was socially engineered into entering personal details into a phishing website. The consequences? Over 60,000 confidential emails were published to WikiLeaks.
Threat landscape analysis
The attacks seen in 2017 were an unusual blend between the old (DDoS attacks becoming more prevalent with the compromise and use of global IoT networks) and new highly sophisticated targeted attacks on critical systems. However, attackers often focus on unsecure parts of a financial system (SWIFT attacks). The global threat landscape evolving at an unprecedented rate, with bigger and more sophisticated attacks on the horizon. Nettitude works with you to ensure that you're ready for when an attack happens. Remember, it's not about if an attack will happen, but when it will happen.
The full threat landscape analysis is available to read in our recent perception report. You can also find out about the latest news in the cyber security industry, how blockchain is revolutionizing the banking industry and find out if you are ready for GDPR.