In an ever-evolving threat landscape, cybersecurity is no longer just about safeguarding sensitive data and other digital assets by merely keeping cybercriminals and other threat actors out of networks, systems, devices, and underlying technologies. Now it is also about having to proactively stop them in their tracks before they even gain a foothold in their spheres of operation.
The notable threats in the first half of 2019 drove this point home, what with the prevalence of so-called fileless threats that “lived off the land” — abusing legitimate and typically whitelisted system tools to do their malicious bidding — and the presence of malware and phishing campaigns that took advantage of security lapses and diversified in the ways they counted on the still unpatched flaw that was human vulnerability.
Ransomware operators distinctly set their sights on organizations, with crippling ramifications: Their attacks proved they could strike with such severity that some victims were even strong-armed into acquiescing to the cybercriminals’ exorbitant demands. For many cryptocurrency-mining threats, servers and cloud-based environments, having far more computing resources than endpoints, became their new frontier. Messaging platform — the bedrock underpinning many business transactions — were inundated with a range of threats, including business email compromise scams, sextortion schemes, and phishing incidents that did not rely on hacking human behavior alone.
Read the entire report here.