For more than a decade, Cisco's security reports have been a definitive source of intelligence for security professionals interested in the state of the global industry. These comprehensive reports provided detailed accounts of the threat landscape and its organisational implications.
Today, Cisco is publishing its second report for 2019: Defending against today's critical threats. This white paper looks back at the threat landscape over the past year, highlighting some of the key cyber security incidents during that timeframe. However, this isn't just another retrospective report, fondly looking back at events that have already come to pass.
What Cisco has done here is pick out five stories that, while they occurred in the recent past, could very well portend what is yet to come for the threat landscape. It's as close as Cisco can get to making predictions without reading too much into patterns in the digital tea leaves.
Take modular threats, for example. These are highly adaptable threats, where different components can be downloaded and leveraged depending on the environment the threat finds itself in. Such threats have existed for a while, but two in particular have stood out recently.
The first is Emotet. This threat has been around for a few years, but has grown to become a threat distribution network and a force to be reckoned with. The threat's modularity gives it the ability to change the payload depending on the circumstances.
Another example is VPNFilter, an IoT threat that hit a vast number of routers, likely compromising them by exploiting known vulnerabilities. This threat included a plug-in system that could extend its functionality, depending on the environment it found itself in and the attackers' intended goal.
Another key trend that Cisco expects to continue into the near future is the use of e-mail as a threat delivery vector. E-mail has been, and will likely continue to be, the most common method for distributing new threats. If you get e-mail, you probably get malware delivered too. Emotet consistently relies on e-mail campaigns to infect new computers, as do crypto-mining and digital extortion campaigns (a topic we'll soon cover in our Threat of the Month series).
And, of course, we expect the primary motive for threat actors will remain the same in the near future: money. From crypto-mining to Emotet to ransomware, when you distil many threats down to their essence, it's all about the bad actors lining their pockets.
These are some of the trends Cisco expects to see in the near future. Of course, it's impossible to predict everything that will occur, but the safest bets are usually the ones you most often come up against. Addressing those early can free up time to deal with the unexpected.
Download a copy of Cisco's first 2019 threat report.