Skip to main content
close search
site logo
Dive Brief

Expect hackers to build off of WannaCry, Nyetya in 2018

Published Feb. 21, 2018
Samantha Schwartz's headshot
Samantha Schwartz Reporter
Elizabeth Regan

Dive Brief:

  • One of the ways savvy hackers are preying on organizations is by taking advantage of encryption to "conceal command-and-control activity," according to the Cisco 2018 Annual Cybersecurity Report. Though encryption is meant to protect digital networks, hackers are finding leak paths, which are a "misconfigured connection created to the internet on an enterprise network," to install malware. As a result of rapid cloud adoption, leak paths are increasing.

  • While network layer attacks are decreasing, application layer attacks are increasing. If hackers successfully infiltrate the application layer, which contains a variety of devices, "large portions" of the internet could be shut down, according to the report.

  • Before 2017, ransomware could only spread through drive-by downloads, email or inserting a piece of corrupted hardware, such as a USB drive, into a device. Hackers have now created self-propagating attacks that can go undetected, as seen in WannaCry and Nyetya.

Dive Insight:

Hackers are frequently executing more sophisticated cyberattacks, targeting businesses of all sizes across sectors. Last year alone serves as a testament to the level of severity cyberattacks impose on critical infrastructure. A range of new kinds of attacks were carried out with no signs of diminishing, and year will be no different. 

Last summer, hackers were able to harness the capabilities of previous malware and combine them with optimized versions. WannaCry was derived from a wormable ransomware with automated capabilities. Following WannaCry, the world got another taste of self-propagating ransomware in Nyetya, also referred to as NotPetya.

However, much of cyberattacks' damage could have been prevented if basic security measures, like software updates, had been routinely made. This is particularly true as both attacks took advantage of the known EternalBlue vulnerability. A weakness in or shortage of cybersecurity talent can also stall an organization's ability to implement the newest methods of protection.

In addition to propagating through outdated software, Nyetya used the supply chain to spread another emerging trend seen in 2017: using vendors as an unknowing weapon to distribute malicious content to customers.

Many vulnerable consumers were faced with the CCleaner attack in September after hackers were attempting to gain access to major companies' intellectual property, including Microsoft and Cisco.

Basic security protocols are key to mitigating new threats. CIOs and IT departments should at the very least maintain an inventory of all devices and software on their networks to easily locate where a vulnerability may lie.

Recommended Reading

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
Newgen and Fadata Join Forces to Optimize Insurance Content Management
From Newgen Software
November 13, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Newgen Recognized in Gartner® Magic Quadrant™ for Enterprise Low-code Application Platforms Fi…
From Newgen Software
October 30, 2024
Productboard Launches AI-Powered Productboard Pulse To Integrate Voice of Customer Into Produc…
From Productboard
October 29, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell