Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

SophosLabs Issues 2019 Threat Report

December 10, 2018

As users move from desktop and laptop computers to mobile and Internet of Things (IoT) platforms, cybercriminals are doing the same thing.

The SophosLabs 2019 Threat Report has tracked this shift across a range of mobile threat types, most of which target Android. Generally, attackers sneak malicious apps past Google’s Play Store security checks on the assumption that some victims will download them before they are recognized and pulled from the store.

A good example from 2018 is the short boom in malicious cryptominers, which weren’t explicitly banned by Google until July.

Anyone unlucky enough to end up with a cryptominer on their phone – possibly hidden as a function inside another innocent-looking app – would have noticed their device’s processor straining under the load. Phones that do this constantly would appear to have significantly reduced battery life when compared to identical models that do not have the miner code running on them. Imagine how crazy that would drive the phone addicts in your world.

Mobile clickfraud has also attracted cybercriminals, who again embed malware inside apparently innocuous apps; the malware simulates users clicking ads to generate revenue. Spotting these apps isn’t easy, but the downside for mobile devices is the same: battery and processor drain. Meanwhile, advertisers are charged for useless clicks, and the cost of online advertising is driven up.

IoT devices are typically left unattended. This means they are rarely, if ever, patched and often rely on default credentials – this might explain why SophosLabs saw a surge in attacks against IoT devices in 2018.

However, IoT malware is now evolving rapidly to target devices such as home routers. Router compromise has been around for a while but common attacks during 2018, such as VPNFilter, offer clues as to its new direction. VPNFilter could successfully attack dozens of routers from numerous vendors, and the botnet it built in the process looked every bit as potent as something that might affect PCs or servers.

SophosLabs reports that the IoT target list is expanding to include database servers, commercial-grade routers, and networked CCTV cameras and DVR systems. Defending ourselves against these kinds of attacks continues to be an escalating challenge!

Hat tip to Dave Ries.

Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
https://www.senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson