Geo-Political Tensions Are Fuelling Cyber Attacks
Billions of personal records were stolen in 2018, unearthed in breaches that successfully targeted household names in government, technology, healthcare, travel and hospitality. Compounding the problem has been increased geopolitical tension between western democracies and countries like Russia, China and North Korea.
Modern cyberattacks appear to be increasingly fueled by geopolitical tension, and they reveal how clever attackers have become at evolving to remain undetected, using techniques such as lateral movement, island hopping and counter incident response to stay invisible, according to Carbon Black’s January 2019 Global Threat Report.
In 2016, fileless attacks such as PowerWare and the alleged hack against the Democratic National Committee (DNC) stole sensitive information and global headlines. In 2017, WannaCry, NotPetya and BadRabbit demonstrated ransomware’s global ubiquity. Then, as we kicked off 2018, the Spectre and Meltdown vulnerabilities offered an ominous start to a year that many thought would be marred by high-profile, global-scale cyberattacks. In some respects, the prognosticators were correct.
According to Carbon Black’s threat research, we believe 2019 promises to be a year where endpoint visibility becomes more paramount than ever as attackers continue to evolve and global tensions increase.
Key Findings
- The top five industries targeted by cyberattacks in 2018, according to Carbon Black’s global threat data, were: Computers/Electronics, Healthcare, Business Services, Internet/Software, and Manufacturing
- As 2018 came to a close, CB TAU saw several cyberattacks targeting global governments that included indicators of compromise attributable to North Korea
- Approximately $1.8 billion in cryptocurrency-related thefts occurred in 2018
- Nearly 60% of attacks now involve lateral movement
- Half of incident response engagements now involve instances of counter incident response
- Half of cyberattacks today use the victim primarily for island hopping
- IR firms are encountering destructive attacks during 32% of investigations