Five Key Takeaways from Webroot’s 2018 Cybersecurity Threat Report



Each year, a team of Webroot analysts and threat researchers takes a look back at some of the most salient cyber threat trends to emerge over the previous year. With more than 40 million licensed endpoints and a threat intelligence platform capable of integrating information from billions of URLs, domains, IP addresses, files, and mobile apps, Webroot has the capacity to dive deep into the real-world threat landscape.

Here are five clear trends we saw emerge over the course of 2017.

1. Hackers Land Huge Hauls with Phishing Attacks

A report released by Verizon in 2017 contained some shocking statistics concerning success rates for phishing attacks. Webroot’s research points to why. Of the more than 1.5 million phishing attacks carried out over the course of the year, most of the sites they directed victims to were live for no more than eight hours. Domain names were recycled frequently to evade static lists, and IP masking was a favored technique for covering hackers’ tracks.

What does this mean for consumers? Static lists are all but completely ineffective at sniffing out phishing attacks. Threats disappear as fast as they’re recognized.

Want to know why Webroot isn’t celebrating another year of decline in the average number of malware files per device? Read the full report to find out.

2. Polymorphism is Malware’s New Normal

Old-school antivirus software functioned by keeping static lists of known malicious files downloaded on machines. The advent of polymorphism retired that method as a viable way of keeping malware at bay. Small variations in malware signatures prevent the registering of a match when scanning. Of the hundreds of millions of executable files Webroot analyzes each year, fully 94% of malicious executables were polymorphic. It reinforces the lesson learned from modern phishing attacks: static threat lists are a thing of the past.

Webroot isn’t ready to celebrate another year of decline in the average number of malware files per device. Download the report to learn why.

3. Cryptojacking equals CryptoJackpots for Cybercriminals

The best cons leave their marks blissfully unaware they’ve just been hit. Or so we’ve read on the internet. Obliviousness happens to be an additional benefit of a tactic gaining popularity among cybercriminals recently. Cryptojacking involves hijacking the computing power of a machine and reassigning it to the task of cryptomining, the process of adding transactions to a blockchain ledger in exchange for a small transaction fee. Over time, these efforts can lead to steady returns on little effort for cryptojacking operations.

Want to know which cryptocurrency was most popular among cryptojackers? Check out the report.

4. Ransomware Makes Millions WannaCry

The year 2017 was a big one for ransomware, a particular type of malware that locks a user’s files or hardware to extort a ransom. Two attacks in particular, WannaCry and NotPetya, infected more than 200 thousand devices in more than 100 countries for more than $4 billion in losses. All in under 24 hours. While both attacks were widely discussed and among the most damaging in history, NotPetya was especially nefarious for its intent to damage infrastructure as well as soliciting a ransom. Ransomware attacks, especially successful ones, tend to be high-profile affairs. With a slew of them already grabbing headlines in a still-young 2018, they’re bound to continue being a favored tool of hackers in the year ahead.

Spam email campaigns have long been a favorite delivery mechanism for hackers. To find out which new strategy is gaining favor among cybercriminals, check out the full report.

5. Unprotected Mobile Banking Spreads Viruses

The total number of smartphone users is expected to eclipse the 2 billion mark by 2019. The year preceding it will undoubtedly see mobile devices gain even more attention from hackers. Malicious apps are by far the preferred method for hacking smartphones. Webroot has analyzed more than 62 million mobile apps to date and found a whopping 32% of those analyzed in 2017 to be malicious in nature.

What’s the most common type of malware delivered by malicious apps? Download the full threat report to find out.

Posted by Doug Barney
Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.
