LATEST INTELLIGENCE
2019
VULNERABILITY AND
THREAT TRENDS
PRESENTED BY
Download whitepaper here
KEY FINDINGS Cloud security is strong but not bulletproof.
2018 will be remembered as the year
when cryptomining rose in prominence,
overtaking ransomware as the
cybercriminal tool of choice. While cloud networks are relatively secure,
attacks continue to occur like that against Tesla’s
AWS network in February 2018. The attack
exploited an insecure Kubernetes console to launch a
malicious cryptominer.
Cryptomining attacks represented 27 percent
of all incidents last year, rising from 9 percent in
2017 and far surpassing ransomware’s 13–percent
share in 2018. Its rise in popularity could be owed
to the fact that cryptomining attacks are faster
to execute, generate profit for the attacker over a
longer period of time and often can occur without
the victim’s knowledge.
2018 brought more examples of exploits
derived from patches.
This phenomena makes it ever more important for
security teams to track exploitability and be able
to quickly understand where and how to deploy
temporary mitigations when immediate network-
wide patching proves impossible.
14
INTELLIGENTCIO
Applications used to manage cloud deployments
and misconfigurations also can pose a significant risk
in cloud security, especially in increasingly complex,
hybrid and fragmented networks.
Internal exposures pose a significant risk in
vulnerable operational technology networks.
OT networks are still worryingly vulnerable, with
attacks increasing by 10 percent in 2018 over the
previous year. OT attacks can range in motive and
impact, but the WannaCry outbreak in Taiwan
Semiconductor Manufacturing Company is a prime
example of how the combination of ransomware,
worms and internal exposure can wreak havoc on a
network – and a company’s bottom line. n
www.intelligentcio.com