A new report from Symantec on cyber threats in 2018 predicts that coin mining attacks will continue to spread with an increasing focus on organizations.
According to the report, detections of coin miners grew by 8,500 percent in 2017, as Bitcoin prices rose from $1,000 at the start of the year to an astonishing $14,000 by the end.
The Internet Security Threat Report 2018 predicts that attackers will use coin-mining for more creative forms of attack, using three main strategies: distributed mining, targeting corporate or organizational networks and high-powered mining using cloud services. The report states that the increase in attacks is only likely if cryptocurrency prices remain high, though – if it values back, attackers will likely lose interest in mining.
The report also identified Dragonfly an a potential ongoing threat to critical infrastucture. “Our latest research on the Dragonfly group found that it has continued to target the energy sector in Europe and North America,” it says. “For now, Dragonfly appears to be focusing on gaining access to operational systems and gathering as much intelligence as possible about how these plants operate.”
Other threats identified as likely to spread in the forthcoming year are self-propagating threats inspired by WannaCry and Petya/NotPetya, and the impact of Meltdown and Spectre vulnerabilities.
The report predicts that smaller and mid-tier cloud providers may struggle to respond to mitigating vulnerabilities such as Spectre and Meltdown, leaving their customers exposed.
It also expects to see a new generation of self-propagating threats inspired by WannaCry and Petya/Not Petya, which could use SMB spreading techniques. “The use of these ‘living off the land’ techniques allow attacks to fly under the radar making them more appealing to attackers. It’s likely we’ll see an increase in threats self-propagating using these techniques.”
According to the report, Internet of Things attacks are also still a serious threat, with attacks against devices up 600 percent last year. “Some IoT attackers have already started looking beyond routers and have begun to target other connected devices in a serious way,” states the study.
Read the full report here