Threat Research – Surveying the Landscape

By: Paul John, Senior Security Architect, Secureworks

Staying aware of online threats, techniques and markets remains a key part of cyber defence

In my upcoming presentation ‘The Cyber Threat Landscape’ at Enterprise Security and Risk Management Dubai, I’ll be presenting the latest intelligence on the cyber threat landscape from the Secureworks Counter Threat Unit. I will share information on the most recent emerging threats, trends and observations of the current landscape in Saudi Arabia and the Middle East and will discuss some of our common recommendations to our customers on how best to protect themselves.

Secureworks Counter Threat Unit has been tracking cybercrime activity for over ten years, as part of our work to protect our clients. As a result, we collect a large amount of data on the criminals, their activities and on their infrastructure and systems, giving us an unparalleled insight into the current threat landscape.  We collate and publish this on an annual basis as our State of Cybercrime report.

Globally, we’ve seen a number of key trends over the past year. Ransomware of course continues to be a key threat, with nearly 200 new variants released in 2016 alone, a dramatic increase over the previous year.

Malware too remains a significant problem. Increasingly, we’re seeing highly specific bespoke variants, particularly in the banking and financial sector, designed to target particular organisations for a precise purpose. It’s not just major banks though – some less obvious targets are being seen too, for example payroll processing portals and funds transfer companies.

That’s not to say though that commodity versions of malware have disappeared – mass scale of distribution continues to mean a good return on investment for cyber criminals.

Mobile malware is growing too, aimed at Android devices, capable of spying on devices and locking them for ransom.

This commodity malware, mobile or otherwise, offers a low barrier to entry to criminals, with ready-to-purchase malware kits and reasonably priced botnets available for use on the dark net. Not surprisingly then, spam remains a classic tool that continues to evolve. One observation CTU researchers made last year was that malware containing spam is usually sent during the working week whereas pharmaceutical spam tends to arrive at weekends!

That is just a very small sample of the information presented in this year’s Report. Overall, it’s clear that cybercriminals remain dedicated to their craft, with their tools and organisational approaches adapting in response to changes in their environment.

If you’d like to read the 2017 State of Cybercrime Report, please download it from the Secureworks website. To find out more about how these trends translate to our particular region, please attend my presentation at 11.40am.

About the author: As Senior Security Architect, Paul is an experienced professional with over 12 years of extensive experience in information system security. He has provided professional consulting and has designed, implemented and maintained complex information security solutions. He specialises in information security solutions that help organisations to enhance their security posture such as Security Information and Event Management, Network and Endpoint Forensics, Data Loss Prevention, Vulnerability Management and Endpoint Security. His extensive experience and thorough understanding of the information security space helps customers in choosing the right technologies and platforms, and in integrating them together to provide defence-in-depth security solutions.

Secureworks will also be exhibiting at Enterprise Security and Risk Management Dubai, 11 October 2017, Dubai. Please visit the Secureworks stand and attend Paul’s presentation or look at our website for further information.