Cylance: "Phishing and drive-by downloads lead infection methods."



Spear-Phishing

The most common infection vectors are still email phishing and drive-by downloads according to the latest threat report from AI security specialist Cylance.

The report provides a real-world glimpse into major cyber threats that affected Cylance’s customer base in 2017. Along with industry trends and analysis, and data from thousands of government entities and organizations of all sizes across 160 countries that have adopted a prevention-first approach to security.

It shows destructive attacks continue to rise with ransomware families leading the pack, growing three-fold during the year and affecting the healthcare industry the most. More than half of 2017's attacks exploited known vulnerabilities reported more than nine months prior to the attack. The food, beverage and restaurant industry suffered the greatest volume of attacks.

The report explores the growth of malware variants and the ease with which they can be deployed. These variants are a challenge for legacy security solutions that rely on signatures to detect threats given their short life span. More than 50 percent of the threats Cylance prevented were not seen in any other environment, further supporting the need for organizations to consider advanced malware detection and prevention technologies.

"Cybercriminals are adept at modifying their malware and methods to stay ahead of traditional protections that organizations deploy, as seen by the rise in infections and sophistication of attacks in 2017," says Rahul Kashyap, worldwide chief technology officer at Cylance. "It's critical that companies are aware of the threats, keep up-to-date with patches, and use defenses that protect against constantly evolving malware."

The report also details the impact of malware on specific industries and looks at specifics on the top 10 malware families which include WannaCry, Locky, Petya, Ramnit and Terdot/Zloader. It discusses other threat trends too, including emerging supply chain attacks, fast-rising ransomware attacks and the top industries affected by them, the growth of crypto-miners, wallet-swiping trojans, plus firmware and hardware vulnerabilities.

You can download a full copy of the Cylance 2017 Threat Report from the company’s site.


Free Phishing Security Test

Did you know that 91% of successful data breaches started with a spear-phishing attack?

Cyber-attacks are rapidly getting more sophisticated. We help you train your employees to better manage the urgent IT security problems of social engineering, spear-phishing and ransomware attacks. Take the first step now. Find out what percentage of your employees are Phish-prone with our free test. Did you know that KnowBe4 also supports "Vishing" where you can actually send your users simulated voice mail attacks?

Get Your Free PST Now

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/phishing-security-test-offer

Source: Betanews


Topics: Phishing



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews