Threat Intelligence Blog

Posted January 16, 2018

The volatility of the cybersecurity landscape continues to increase… “No, duh!” In 2017 alone, LookingGlass® observed ~630M total malware infections, with more than 1.5M unique infections per day.

To throw some more stats at you, every 39 seconds hackers try to obtain sensitive information, affecting one in three Americans each year. Since 2013 there have been 3,809,448 records stolen from breaches every day, 158,727 per hour, 2,645 per minute, and 44 per second.[1] Cyber crime is showing no signs of slowing down and will more than triple the number of 3.5 million unfilled cybersecurity jobs by 2021.[2] Overwhelming, huh?

These 2017 numbers highlight the exponential growth of cyber issues, as well as your own and your organization’s exposure. However, the greater concern is the tectonic shifts in the cyber landscape. Below are some of the shifts that the LookingGlass team will be exploring over the next few blogs, including new attackers, methods, and motivations that will have huge ripple effects in 2018.

Widespread, Destructive Malware

We’ve all heard the stories about WannaCry, NotPetya, and the like, and malware has been a consistent cybersecurity storyline for the past few years. However, what makes the malware of 2017 so memorable is the bigger questions it posed.

WannaCry wasn’t like typical ransomware. It only yielded ~$70k USD. This begs the question: what were the real motives of the attack? Did the attackers just want to wreak havoc and cause a frenzy? Or did they simply not realize the effect the attack would have?

Hype Cycle of Cryptocurrency

Cryptocurrencies saw an increase in value and a fair bit of volatility in 2017. With wider acceptance and interest, hackers have started to use their botnets for cryptocurrency mining. The Google Chrome extension Archive Poster was recently shut down for cryptojacking. It took advantage of over 105,000 people for weeks while going undetected by users.[4]

One cryptocurrency targeted in particular, Monero, is fully anonymous and not trackable back to the botnet operators. The experts contend that it is becoming the go-to tool for ransomware attacks and money laundering. In December 2017, hackers attacked around 200,000 WordPress websites to demand they generate Monero.[5]

In 2018, we expect to see even more attacks on exchanges and mining pools to steal coins, as well as more installs of mining software that secretly mines on end users’ devices, particularly mobiles.

Growing Cyber Aggression by Iran and North Korea

Countries like North Korea and Iran have become aggressive cyber powers, regularly using cyber attacks to advance their interests. It is not unreasonable to expect that the future could see state-sponsored activity against both government and private sector networks. If an attack like this does occur in a foreign country, it will likely use that country’s own cyber networks to pursue its goal, and more coordinated and intentional campaigns could surface in the near future.


How Does My Organization Stay Ahead?

Employee Education

As we become a more digitally connected world, cybersecurity is more than an IT issue. Your employees are both the target and your first line of defense. Organizations need online security training programs that make employees more aware of security best practices and help them secure both their personal data and the organization’s sensitive data. Oftentimes, a cyber attack or data breach is caused by a simple phishing email or social engineering campaign. By teaching your employees the signs of a suspicious email – and other cyber threats – you can prevent your organization from falling victim to malware, ransomware, and more.


Every day cybercriminals are developing new ways to launch cyber attacks, and more often than not they are leveraging automation. Organizations cannot keep up by only using manual processes – they need their own automated defenses. Think of all the time your security teams could save if they had a tool that intelligently identified and mitigated the threat. This type of security solution would bring a new meaning to actionable intelligence; you can feel safe knowing that you have an advanced tool working in the background to block known bad at network speeds, all while your security analysts are focused on mission-critical tasks.


Depending on the size of an organization’s security team, workload, and available resources, it may not be cost-effective – or even possible – for your in-house team to manage all of your organization’s cyber risk on their own. It costs a lot of money to have a robust and scalable security operation. That’s why the Security-as-a-Service market is estimated to be worth more than eight billion by 2020, and why CISOs and CSOs are choosing to augment their operations by outsourcing to better meet these business demands. Not only will you minimize costs by buying vs. building, but you will also streamline the process of fighting cyber threats, saving yourself any hassle and frustration of having to coordinate with multiple security vendors to mitigate one threat.

Check out our infographic below for more information on the 2017 malware landscape, and subscribe to our blog as we continue to explore some of these topics in much greater detail.










