5 New Cyber Threats: Prepare to Defend Your Business

Cyber threats are ever present, and ever evolving. As technology becomes more complex and sophisticated, so do the tools, techniques and targets of cyber criminals. The number and type of threats to an organization's data, customers, reputation and bottom line grow and diversify each year, with attackers exploring new ways to exploit vulnerabilities and cover their tracks.

The latest Internet Security Threat Report from Symantec™, a global leader in cyber security solutions, indicates that digital security threats continue to come from new and surprising sources. Here are five trends that Travelers is watching, to help defend your business now and into the future.

1. Coin-mining Attacks on the Rise

The rise in value and types of cryptocurrencies have made coin mining an attractive revenue source for cyber criminals, with an 8,500 percent increase in detections of coin miners reported in 2017. It only takes a few lines of code for hackers to steal a device's processing power or cloud CPU usage to mine for cryptocurrency. But that small intrusion can have significant costs. Your infected device may exhibit slower performance, overheated batteries or become completely unusable, and you also may see broader consequences like spikes in the cost of electricity and cloud services after an attack.

Experts predict a shift from consumer targets to enterprise and Internet of Things (IoT) devices as cyber criminals look to "mine en masse."

2. Malware Sneaks into Software Supply Chains

Cyber criminals are increasingly exploiting software updates to deliver malware. Attackers, pretending to be a trusted source, replace legitimate updates with malicious versions through direct compromise, direct ownership, or by hijacking the domain or IP address from which the update is downloaded. In 2017, this type of attack occurred once a month compared to once every quarter the previous year. In particular, widespread use of "auto-update" can lead to quick, largely undetected distribution of malware — a particularly vexing problem since regular software updates are generally considered to be a sound cyber security practice.

3. Ransomware Used More for Decoy than Dividends

Ransomware, a form of malware that targets your critical data or systems for the purpose of extortion, appeared to be on its way out as a crowded market drove profitability down. But a 46 percent rise in the number of variants detected in 2017 proved otherwise. Cyber criminals made a creative "market correction," using ransomware less to generate revenue and more to disguise other attacks. While administrators are distracted responding to a ransomware attack, malware like keyloggers and remote access “trojans” can be covertly installed, then used for data theft, espionage or financial gain. Though decoy attacks are nothing new, the shift to using ransomware as a decoy from Distributed Denial of Service Attacks (DDoS) is new — and experts predict targeted attacks against specific organizations and populations using this method will continue to rise.

4. Targeted Attack Groups Take Aim at U.S. Organizations

Collectives of cyber criminals with specific motives against specific targets are also on the rise. With names like Butterfly, Turla and Dragonfly, they have compromised large companies and even entire governments. Their motives include espionage, sabotage and financial gain. And their methods are sophisticated. Many of these collectives identify a vulnerability and then use a targeted phishing campaign – sometimes called “spear phishing” – to access a particular device, and then use stolen credentials to “pass the hash” and open network share exploits. This allows the cyber criminals to move laterally between the targeted device and the network where the intended attack is completed. Such attacks rose 10 percent in 2017, and U.S. organizations were the target of more than 50 percent of them.

5. User Behavior May Be Aiding Rise in Mobile Malware

When it comes to cyber risk, size doesn't matter. Mobile devices are susceptible to threats just like the largest networks and systems. From DDoS bots to coin miners, the number of mobile malware variants detected rose by 54 percent in 2017, with an overwhelming 99.9 percent hosted on trusted third-party app stores. More concerning, the data shows that consumer and enterprise users alike make it easy for cyber criminals to compromise their devices. As few as 20 percent of Android users, and 77 percent of iPhone users, are running the newest, major iOS release. As many as 95.2 percent of enterprise devices, and 90.5 percent of consumer devices, are not passcode protected. And the growing use of "jailbroken" devices that bypass security controls remain even more vulnerable to attacks.

When it comes to cyber risk, it's not a matter of if an attack will occur, but when. Maintaining a broad view of cyber criminals' ever changing tactics can help you prepare to prevent and defend against the threats they pose. Travelers’ expertise, products, tools, partnerships and risk management resources are here to help your business protect its assets against evolving risk.

The figures and statistics referenced herein are contained in the Symantec™ Internet Security Threat Report, Volume 23, 2018. For more insights and information, read the full report at https://www.symantec.com/security-center/threat-report, then visit travelers.com/cyber.