Published on March 21st, 2018 | by Joel Roy
Report Reveals Latest Techniques Used to Compromise Critical Infrastructure and Enterprises
During the past year, SS8 sensors and analytics deployed globally within live production networks have detected a variety of techniques used to compromise and steal data (intellectual property) from organizations in key industries spanning critical infrastructure, enterprises and telecommunications.
We’ve analyzed a variety of network environments, and from that, have now published what we refer to as our 2018 Threat Rewind Report.
The report reveals the top evasion and exfiltration techniques actively being used by attackers to disrupt critical infrastructure and enterprises from the past year.
You can download a copy of the report here: http://go.ss8.com/2018-Threat-Report
The Threat Rewind Report was published to help educate and better-prepare today’s large enterprise, service providers and national governments about the most sophisticated attack techniques hiding in today’s networks and evading preventative cybersecurity defenses.
What did we find? While some of the findings are what you might expect to see from a sophisticated attack, others were very informative. Phishing is still considered the most effective technique in the attacker’s arsenal. We saw 33% were victims of phishing attacks involving popular domain names, such as Google, Facebook and Bank of America. Praying on the trust that users have placed in these popular brands makes it very easy to mistake faceb00k.com and tunnblr.com with the real domain.
And while many of us don’t understand cryptocurrency, finding Bitcoin traffic on the network is alarming. We saw 25% of environments had Bitcoin traffic traversing the network. Most ransomware infections today demand payment in the form of Bitcoins, and any traffic could indicate a potential ransomware involving malware such as WannaCry.
Interested in what else we found? Check out the report to see the other key findings, attack methodologies and future trends.