
2018’s Biggest Attacks Will Stem from Known Vulnerabilities

  • Posted on: December 5, 2017
  • Posted in: Security, Targeted Attacks, Vulnerabilities & Exploits
  • Posted by: Martin Roesler (Director, Threat Research)

Trend Micro just released its annual predictions report for next year. In it, we outline 8 ways the threat landscape is expected to evolve in 2018. While the predictions touch on a wide range of issues – from IoT to cyberpropaganda – the underlying theme is this: 2018’s biggest attacks will stem from known vulnerabilities.

This prediction stems from all the big security events in 2017, like the WannaCry incident, that were based on known vulnerabilities. By studying the leaked information from Shadow Brokers, criminals had access to a list of vulnerabilities that a state-funded intelligence service actively and successfully exploited. Based on this, it is easy to foresee that criminals will make use of these vulnerabilities, too.

The biggest difference between an unknown vulnerability, one only known to an intelligence service, and a known vulnerability is that the potential number of attackers using it gets exponentially higher. So once a vulnerability is publicly known, the clock starts ticking, and it’s just a matter of “when” it will hit users.

There is a wide variety of ways known vulnerabilities can be exploited to damage businesses and individuals. Vulnerabilities will be used for different motivations depending on the business model of the attacker. An intelligence service might use one for a hack, while a money-driven criminal might use it to install ransomware.

In 2017 I was impressed by the number of known vulnerabilities successfully exploited in attacks. We saw Pawn Storm, for example, which implemented highly sophisticated attacks with many new but not widely known vulnerabilities. Volume-wise, however, WannaCry was the obvious chart breaker, leveraging just one known vulnerability made available via the Shadow Brokers files. This one bug allowed the actor to create a worm-like ransomware that spread organically across the globe. That attack also further exposed the vulnerability in SMBv1, which continued to be exploited in future attacks. The combination of how Pawn Storm uses vulnerabilities with how WannaCry and others thoroughly exploited one vulnerability is exactly why virtual patching is so important.

To be prepared for this trend to continue, business leaders must accept the inevitable – if you have known vulnerabilities in your system, they will be targeted. Being aware that vulnerabilities exist in a corporate environment means it’s just a matter of time till someone makes use of them.

Companies need to address this in two ways:

1. Actively reduce the attack surface. Reduce the number of vulnerabilities in your enterprise as best as possible, for example, by virtual patching.

2. Be prepared for the day an attempted attack is successful. Have disaster recovery procedures in place, meaning the plan has been tested and executed for training. Also, part of the plan should address the fundamental question, “to pay or not pay,” which will be an important guideline for defense teams. It is always better to make those decisions before a major incident occurs.

Read our full list of predictions for 2018 in the report. Have any predictions of your own for 2018? Share them with us on Twitter @TrendMicro.
