Skip to main content

The Most Important Threats for Your Organization to Watch

June 27, 2017

The Optiv Cyber Threat Intelligence Estimate 2017 is a yearly report that reviews important events of the past calendar year, and uses them to make projections for the coming year. Professionals from Optiv’s Cyber Threat Intelligence practice and the Global Threat Intelligence Center (gTIC) collaborated to identify the most important threats to watch.

CTI 1

The Estimate is organized into three high-level categories:

  1. Industry verticals. Some industries are more prone to certain technological threats or threat actors than others. For instance, energy companies dealing in petrochemicals may find themselves on the receiving end of threats from ecologically-minded hacktivists more than media companies or other industries.
  2. Threat actors. Different threat actors pursue different motives and generate different impacts in the public sphere. Last year, many were surprised by the high-profile ransomware attacks that were conducted on members of the healthcare industry.
  3. Tools and techniques. Threats in the tools and techniques category cut across threat actors and industries. This year saw a colossal DDoS attack conducted using Internet of things (IoT) devices. For years, security experts have warned that the convenience and utility of IoT needs to balance with increased security risk.

There exists two common themes that run throughout the Estimate: 

  • The first of those themes is the maturation of threats. Several steps of the attack chain are seeing commodification. Prospective attackers can buy malware, hire phishers to craft a campaign, and rent a botnet for infrastructure. Years ago an attacker would need to develop or steal those capabilities individually. This is commodification in action; criminals specializing in certain fields and selling their goods and services to other criminals in a market environment.

    But not all maturation causes an increase in complexity. Over the past year, some criminals actually simplified their modus operandi. Recent high-profile successes in ransomware attacks were noted by potential victims and criminals alike. Organizations now have a heightened awareness to the possible impacts ransomware attacks could have on their bottom lines. Because there is a prevalent sense of fear, criminals now realize that they don’t actually need to create or execute on successful attacks. In fact, some criminals are now able to extort organizations by threatening with ransomware without having any intent to carry out the attack. Ransomware is an extremely low-risk, high-reward type of crime. Operating on margin, these extortionists only need a small fraction of their victims to pay because it is simple and cheap to send threats to a large number of potential victims.
     
  • The second core theme is cross-pollination. Gone are the days when a threat actor could be pigeonholed based on their actions. Hacktivists would deface websites with ideological screeds.  Cybercriminals would steal a consumer’s credit card and buy a television with it. Now threat actors have learned from one another. It used to be a hacktivist trend to break into an organization’s network, steal sensitive information, then publicly air that dirty laundry to name and shame their victim. Nation-state actors took note of the effectiveness of this approach and attempted the same in the American and French presidential elections.

The Cyber Threat Intelligence Estimate presents a wide range of threats relevant to all organizations. By utilizing the insight of Optiv threat intelligence analysts, organizations can better understand the threat landscape in which they find themselves, and better prepare for the threats that they might face.

Click here to download a free copy of the Optiv Cyber Threat Intelligence Estimate 2017. 


    Courtney Falk

By: Courtney Falk

Senior Research Analyst

See More

Related Blogs

April 23, 2014

INFOGRAPHIC: Making Sense of IAM

Let’s face it, developing an Identity & Access Management (IAM) program can be a complex undertaking that must be tailored to each organization’s uniq...

See Details

March 24, 2017

Maturing IR Capabilities into an Incident Management Program – Part 1 of 3

We’ve all heard that it’s not a matter of “if,” but “when.” This statement, while becoming its own stale mantra of sorts, is still the impetus for the...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

Related Insights

July 21, 2015

Network Security Solutions

Learn how we help protect your environment while maintaining connectivity.

See Details

January 16, 2018

The Fundamentals of Identity and Access Management

Identity and access management (IAM) is an exciting world filled with dreams of business enablement while reducing risks and implementing security pol...

See Details

July 21, 2015

Application Security Solutions

Learn how Optiv can help with web, email and application protection.

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cyber security Events in your area.