---
title: "Step 3: State of threats"
---

In the last step you looked at the OWASP Top 10 web application
vulnerabilities. However, web applications are just one of the
cybersecurity threats faced.

In this section, we will look at a wider cybersecurity threat
landscape, and discuss the impact of these threats.

# NCSC Business Threats

The NCSC (National Cyber Security Centre) has an
[overview](https://www.ncsc.gov.uk/news/annual-review-2018) of the top
threats to businesses from 2018.

This highlights the following issues:

## Ransomware

Ransomware attacks were the dominant trend, with the well-known
WannaCry attack affecting machines worldwide, including those of
organisations such as the NHS, Nissan, Renault and FedEx.

Ransomware is where the attacker is able to take control of the files
on a system, and restrict the user's access to them. This is usually
done by encrypting the files on the target. The victim is then
required to pay the attacker for the files to be decrypted.

While WannaCry was well publicised, it is also interesting to note
that less direct ransom-based attacks also increased. Organisations
were threatened with DDoS (Distributed Denial of Service, where the
attacker overwhelms the infrastructure of the target, shutting down
access to the victim's servers) attacks on infrastructure, unless a
ransom was paid. It has been calculated that DDoS-style attacks
increased by 91% over 2017.

## Data Breaches

The number, and scale, of data breaches continues to rise. There were
several large-scale data breaches, including:

- Equifax: Over 200 Million account details released
- Verizon: Over 14 Million account details
- Uber: 57 Million account details leaked

One interesting point to note with the Uber attack was that the
organisation paid $100,000 to the hackers to delete the data. This
mix of ransom and data breach seems to be a trend of cyber
criminals monetising their hacking activities.

It also seems that information from data breaches is being aggregated.
As of January 2019, the largest collection of credentials released,
with over 2.7 Billion records and 773 Million unique account details,
was the one discovered by Troy Hunt.
<https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/>

## Supply Chain Issues

Supply chain attacks involve installing malware into well-known
applications, and persuading users to download and install them. This
means that "legitimate" software becomes an attack vector.

While the NCSC report focuses on business, there has been an increase in malware for mobile devices:
<https://www.trendmicro.com/vinfo/gb/security/research-and-analysis/threat-reports/roundup/2017-mobile-threat-landscape>.
This comes partially from users installing untrusted apps, but also
includes issues with hardware and software on the devices themselves.

## Phishing and Social Engineering

A rise in phishing attacks shows this technique of compromising a
system is still a major threat. (Around 90% of all cyber attacks begin
with some form of phishing.) We will discuss this in a future section.

## The Internet of things (that go bump in the night)

With the rise in a "connected lifestyle" (estimates of > 11 Billion
"Things" connected by 2018) there have been some major issues with IoT
devices. Domestic items like fridges were discovered to be part of
botnets. (A botnet is a collection of compromised computers, which
can be used as part of a cyberattack such as Denial of Service.) While
this kind of attack is relatively new, as the devices increase in
number and processing power, they represent a significant security
threat.

# Your task

The NCSC report focuses on the impact for businesses. In the forum,
discuss how you think these issues could affect individuals. Are the
threats the same? What are the differences between threats to
businesses and individuals? How do you think the threat landscape has
changed since the report was published?

# Links

<https://www.enisa.europa.eu/publications/enisa-threat-landscape-report-2018>

<https://live.ncsc.gov.uk/blog-post/rats-mimikatz-and-other-domestic-pests>