Cyber Threats 2021: A Year in Retrospect
Annex
2 PwC Cyber Threats 2021: A Year in Retrospect - Annex
Contents
Tools, techniques, and procedures
Trends in Detection
CVE Spotlight
Conclusion
Endnotes
pwc.com/cyber-security
Introduction
This Technical Annex supplements our Cyber Threats
2021: A Year in Retrospect annual Threat Intelligence
report, which examines the overarching and thematic
cyber threat trends of 2021.
With this Technical Annex, we provide more detailed
information about the Tools, Techniques, and Procedures
(TTPs) that we observed threat actors using throughout 2021,
as well as about high-profile and high-impact vulnerabilities
disclosed during the year, mapping our findings across
the MITRE ATT&CK framework for consistency and clarity.
We present further intelligence related to these TTPs and
vulnerabilities, including incident response case studies, to
give defenders real-world context. We also share some of
the detection engineering logic we applied when faced with
threats such as 0-days, and some of the challenges that we
encountered in the process. Our analysis is based on our
in-house intelligence datasets on cyber attacks …