In the last step you looked at the OWASP Top 10 web application vulnerabilities. However, web applications are just one of the cybersecurity threats faced.

In this section, we will look at a wider cybersecurity threat landscape, and discuss the impact of these threats.

NCSC Business Threats

The NCSC (National Cyber Security Centre) has an overview of the Top threats to businesses from 2018.

This highlights the following issues:

Ransomware

Ransomware attacks were the dominant trend. With the well known WannaCry attack affecting machines worldwide and affecting organisations such as the NHS, Nissan, Renault and FedEx.

Ransomware is where the attacker is able to take control of the files on a system, and restrict the users access to them. This is usally done by encrypting the files on the target. The victim is then required to pay the attacker for the files to be decrypted.

While WannaCry was well publicised, it is also interesting to note that less direct ransom based attacks also increased. Organisations were threatened with DDOS (Distributed Denial Of Service, where the attacker overwhelms the infrastructure of the target, shutting down access to the vicitms servers) attacks on infrastructure, unless a ransom was paid. It has been calculated that DDOS style attacks increased by 91% over 2017.

Data Breaches

The number, and scale, of data breaches continues to rise. There were several large scale data breaches, including:

• Equifax: Over 200 Million account details released
• Verziron: Over 14 Million account details
• Uber: 57 Million account details leaked

One interesting point to note with the Uber attack, was the organisation paid $100,000 to the hackers to delete the data. This mix between ransom and data breaches seems to be a trend of cyber criminals monetising their hacking activities.

It also seems that information from data breeches is being aggregated. As of January 2019, the largest collection of credentials was released, with over 2.7 Billion records, and 773 Million Unique account details, was discovered by Troy Hunt. https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/

Supply Chain Issues

Installing malware into well know applications, and persuading the users to download and install them. This means that "legitimate" software becomes an attack vector.

While the NCSC report focuses on business, there has been an increase in malware for mobile devices,
https://www.trendmicro.com/vinfo/gb/security/research-and-analysis/threat-reports/roundup/2017-mobile-threat-landscape. This comes partially from users installing untrusted apps, but also includes issues with hardware and software on the devices themselves.

Phishing and Social Engineering

A rise in phishing attacks shows this technique of compromising a system is still a major threat. (Around 90% of all cyber attacks begin with some form of Phishing). We will discuss this in a future section.

The Internet of things (that go bump in the night)

With the rise in a "connected lifestyle" (Estimates of > 11 Billion "Things" connected by 2018) there have been some major issues with IoT devices. Domestic items like fridges were discovered to be part of botnets. (A botnet, is a collection of comprimised computers, which can be used as part of a cyberattack such as Denial of Service) While this kind of attack is relatively new, as the devices increases in number and processing power, they represent a significant security threat.

Your task

The NCSC report focuses on the impact for businesses. In the forum discuss how you think these issues could affect individuals. Are the threats the same? What are the differences between threats to Business and Individual? How do you think the threat landscape has changed since the report was published?

Links

https://www.enisa.europa.eu/publications/enisa-threat-landscape-report-2018 https://live.ncsc.gov.uk/blog-post/rats-mimikatz-and-other-domestic-pests