Internet Security Threat Report vol. 22
Contents
ISTR
Internet Security Threat Report
April 2017
Contents
Introduction
Executive summary
Big numbers
Targeted attacks:
Espionage, subversion,
& sabotage
Email: Malware, spam,
& phishing
Web attacks, toolkits, &
exploiting vulnerabilities
online
Cyber crime & the
underground economy
Ransomware: Extorting
businesses & consumers
New frontiers: IoT,
mobile, & cloud threats
22
Volume
Internet Security Threat Report
Contents
4
Introduction
6
Executive summary
9
Big numbers
13
Targeted attacks:
Espionage, subversion,
& sabotage
14 Introduction
14 Key findings
16 The targeted attack
landscape in 2016
17 Trends and analysis
17
Subversion emerges as a new motive
for targeted attacks
18
Sabotage attacks make a comeback
18
Living off the land
19
How Shamoon attackers used
“living off the land” tactics
20
Economic espionage
21
New threats emerge
34
Exploit kits
59
Ransom demands soar
35 Web attacks
59
Infection vectors
35 Browser vulnerabilities
61
Arrival of Ransomware-as-a-Service
36 Case study
61
New techniques: Targeted attacks and
“living off the land”
62
Other platforms now vulnerable
62
Law enforcement takedowns
36
36 Best practices
37
23
Email: Malware, spam,
& phishing
24 Introduction
24 Key findings
24 Trends and analysis
24
Malware menace
25
Phishing
26
BEC scams
27
Spam stays steady
28 Case studies/investigations
28
Changing tactics
28
Ice-cold: Snowshoe and
hailstorm techniques
29
Tried and tested social engineering
30 Social engineering and new
messaging platforms
30 Further reading
31 Best practices
32
Web attacks, toolkits, &
exploiting vulnerabilities
online
Cyber crime & the
underground economy
38 Introduction
38 Key findings
38 Malware
62 Best practices
New frontiers:
Internet of Things, mobile, &
cloud …
Internet Security Threat Report
April 2017
Contents
Introduction
Executive summary
Big numbers
Targeted attacks:
Espionage, subversion,
& sabotage
Email: Malware, spam,
& phishing
Web attacks, toolkits, &
exploiting vulnerabilities
online
Cyber crime & the
underground economy
Ransomware: Extorting
businesses & consumers
New frontiers: IoT,
mobile, & cloud threats
22
Volume
Internet Security Threat Report
Contents
4
Introduction
6
Executive summary
9
Big numbers
13
Targeted attacks:
Espionage, subversion,
& sabotage
14 Introduction
14 Key findings
16 The targeted attack
landscape in 2016
17 Trends and analysis
17
Subversion emerges as a new motive
for targeted attacks
18
Sabotage attacks make a comeback
18
Living off the land
19
How Shamoon attackers used
“living off the land” tactics
20
Economic espionage
21
New threats emerge
34
Exploit kits
59
Ransom demands soar
35 Web attacks
59
Infection vectors
35 Browser vulnerabilities
61
Arrival of Ransomware-as-a-Service
36 Case study
61
New techniques: Targeted attacks and
“living off the land”
62
Other platforms now vulnerable
62
Law enforcement takedowns
36
36 Best practices
37
23
Email: Malware, spam,
& phishing
24 Introduction
24 Key findings
24 Trends and analysis
24
Malware menace
25
Phishing
26
BEC scams
27
Spam stays steady
28 Case studies/investigations
28
Changing tactics
28
Ice-cold: Snowshoe and
hailstorm techniques
29
Tried and tested social engineering
30 Social engineering and new
messaging platforms
30 Further reading
31 Best practices
32
Web attacks, toolkits, &
exploiting vulnerabilities
online
Cyber crime & the
underground economy
38 Introduction
38 Key findings
38 Malware
62 Best practices
New frontiers:
Internet of Things, mobile, &
cloud …