itb-au logo
Story image

Carbon Black releases 2019 global threat report

28 Jan 2019

Endpoint security solutions provider Carbon Black has released its 2019 Global Threat Report: The Year of the Next-Gen Cyberattack. The report is based on analysis and insight from the Carbon Black Threat Analysis Unit (TAU), who researched the current state of cyber attacks across the Carbon Black customer base and in conjunction with the company’s incident response (IR) partners, who conduct, on average, more than one incident response engagement per day using Carbon Black technology. 

Billions of personal records were stolen in 2018, unearthed in breaches that successfully targeted household names in government, technology, healthcare, travel and hospitality.

Compounding the problem has been increased geopolitical tension between western democracies and countries like Russia, China and North Korea.

To better understand the current attack landscape as we head into 2019, the Carbon Black Threat Analysis Unit (TAU) researched the current state of cyber attacks across the Carbon Black customer base and in conjunction with its incident response (IR) partners. The report found that while cryptomining, fileless attacks, ransomware and commodity malware are still causing havoc, a new breed of cyber attacks (seemingly fuelled by geopolitical tension) is emerging. “Modern cyber attacks appear to increasingly be fuelled by geopolitical tension and reveal how clever attackers have become in evolving to remain undetected — using techniques such as lateral movement, island hopping and counter incident response to stay invisible,” the report notes. “According to Carbon Black’s threat research, we believe 2019 promises to be a year where endpoint visibility becomes more paramount than ever as attackers continue to evolve and global tensions increase.”

Among the key findings from the report include:

  • Carbon Black customers, in aggregate, are seeing approximately 1 million attempted cyber attacks per day  
  • The top five industries targeted by cyber attacks in 2018, according to Carbon Black’s global threat data, were: Computers/Electronics, Healthcare, Business Services, Internet/Software, and Manufacturing  
  • As 2018 came to a close, Carbon Black saw several cyber attacks targeting global governments that included indicators of compromise attributable to North Korea  
  • Approximately $1.8billion of cryptocurrency related thefts occurred in 2018  
  • Nearly 60% of attacks now involve lateral movement. Cybercriminals are continuing to hide in plain sight and move laterally leveraging non-malware / fileless attack methods. PowerShell, Windows Management Instrumentation (WMI) and Secure File Transfer Protocol (SSH) were the top three legitimate applications attackers were leveraging in 2018, according to data gathered from Carbon Black’s IR partners.  
  • Half of incident response engagements now involve instances of counter incident response, another concerning sign that attackers have become increasingly sophisticated and are initiating longer-term campaigns — as well as a clear signal that incident response must get stealthier.  
  • Half of cyber attacks today use the victim primarily for island hopping – a term for the practice of infiltrating businesses that supply services to a target organisations  
  • IR firms are encountering destructive attacks during 32% of investigations

The report also includes specific threat intelligence information from CB TAU on some ubiquitous attack methods including: the Emotet banking trojan, Monero cryptomining attacks and ransomware that leverages open-source tools.

Link image
Phishing campaigns aren't stopping - but neither are their opponents
COVID-19 is presenting the perfect opportunity to cyber attackers to mount potentially devastating spear-phishing campaigns against organisations via their remote workers. Learn how to fight back.More
Story image
OpenIQ brings MaxContact contact centre solution to Oz
The combination will help Australian telephony vendors and resellers make an easy and cost-effective transition to cloud telephony.More
Story image
Case study: MECCA has HCM makeover with Workday
The phased HCM makeover began in 2017, when the company made the decision to launch a three to five-year program to digitalise its human capital management technology so that it could simplify everyday requirements for its team members and enable them to self-serve. More
Story image
Pure Storage acquires Portworx for $370m, extends Kubernetes services and support
Pure Storage has signed an agreement to acquire Portworx for approximately $370 million in cash, with the aim of extending Kubernetes and containers solutions and support. This deal represents Pure Storage’s largest acquisition to date. More
Story image
Google commits to 24/7 carbon-free energy by 2030
Alphabet and Google CEO Sundar Pinchai says the world must act now if it has any hope avoiding the worst climate change effects.More
Link image
Gartner: Edge and IoT deployments are stretching infrastructures
In the future, the role of infrastructure and operations will be to manage the global infrastructure and its associated services, moving away from only hardware and software.More