
Yoroi Annual CyberSecurity Report 2019
04/09/2020
Since the very beginning of its life, Yoroi has defended companies and organizations in the digital space by improving its technology and its analysis capabilities day by day. Tracking threats, threat actors and the way they change over time plays a central role in this continuous learning life-cycle, and it helps technologists and cybersecurity analysts get a better feel for threat management.
We believe in information sharing as one of the main defensive weapons belonging to humanity, so every year we invest time in extracting, collecting and describing what we have learned in the past twelve months. This year we decided to improve our Yoroi CyberSecurity Report (YASR) by balancing qualitative and quantitative analyses in a single short document accessible to everybody who needs it. To this end, we are pleased to introduce the Yoroi CyberSecurity Report 2019.
A new decade has begun, and something new is hiding in new cyber attacks while consolidated threat actions persist in targeting organizations all over the world. The report describes the continuously increasing sophistication of malware chains, with a special focus on targeted malware. Yoroi's section characterizing zero-day malware also includes a broad view of what is and is not covered by common antivirus systems.
A dedicated chapter on impacted industries maps how malware hit each industry. That section helps CISOs prepare for the most common attacks related to their business vertical. We gathered field data about propagation and lateral movement, describing how malicious artifacts move from one company to another, and we close by describing threats in Italy, one of our most active countries. We also dissected trends and changes in the botnet and opportunistic attacks threatening organizations and people all around the world.
Since email is one of the most favoured attack vectors, as reported in the Yoroi Cybersecurity Report 2019 and in the Yoroi Cybersecurity Report 2018, this year we decided to dedicate a section to email vectors and to compare trends over the past few years. An analysis of malware carriers and common subjects is presented as a clustered discussion to highlight the patterns exploited. Studying email vectors enables companies to raise the awareness of their users and improve their feel for malicious email themes.
Understanding attack trends is an initial step toward providing blocking solutions and detection mechanisms, so we dedicated a section to new attack trends according to the MITRE ATT&CK matrix, with a particular focus on Emotet and Ursnif/ISFB.
We hope the report makes for good reading for everybody interested in studying cyber threat trends, giving an overview of what has happened in the past months.