Cylance Inc., the company that revolutionised endpoint security with true AI powered threat prevention, released the Cylance 2017 Threat Report.
The report provides a real-world glimpse into the major cyberthreats that affected Cylance’s diverse customer base in 2017, industry trends and analysis, and data from thousands of government entities and organisations of all sizes across 160 countries that have adopted a prevention-first approach to security.
Among the highlights:
- Destructive attacks continue to rise with ransomware families leading the pack by growing three-fold during the year and affecting the healthcare industry the most
- 50% to 70% of 2017’s attacks exploited known vulnerabilities reported more than nine months prior to the attack
- The most common infection vectors remained email phishing and drive-by downloads
- The food/beverage/restaurant industry suffered the greatest volume of attacks
The report also explores the exponential growth of malware variants and the ease with which they can be deployed. Malware variants are a challenge for legacy security solutions that rely on signatures to detect threats given their short life span. Conversely, more than 50% of the threats Cylance prevented were not seen in any other environment, further supporting the need for organisations to consider advanced malware detection and prevention technologies.
“Cybercriminals are adept at modifying their malware and methods to stay ahead of traditional protections that organisations deploy, as seen by the rise in infections and sophistication of attacks in 2017,” said Rahul Kashyap, worldwide chief technology officer at Cylance. “It’s critical that companies are aware of the threats, keep up-to-date with patches, and use defenses that protect against constantly evolving malware.”
The Cylance Threat Report details the impact of malware on specific industries and dives into specifics on the top 10 malware families: WannaCry, Upatre, Cerber, Emotet, Locky, Petya, Ramnit, Fareit, PolyRansom and Terdot/Zloader. The report also discusses other threat trends, including emerging supply chain attacks, fast-rising ransomware attacks and the top industries affected by them, the growth of crypto-miners, wallet-swiping trojans, and firmware and hardware vulnerabilities.
“The attacks and threats of 2017 are a reminder of the ingenuity and destructive capabilities of threat actors,” said Aditya Kapoor, head of security research at Cylance. “All indicators point to a perfect storm with the explosion in the number and types of endpoints requiring protection, the rise in the diversity of attack types, and the ease with which they can be accessed and weaponised.”