New Cyber Security Report Analyzes ‘Post-Malware’ WorldF-Secure's new cyber security report paints a stark picture of the threats posed by insecure networks and devices, the internet of things, cyber crime, and more.
Helsinki, Finland – February 15, 2017: Cyber security company F-Secure released a new report today that explores the trends and threats defining the current state of cyber security across the globe. F-Secure’s State of Cyber Security 2017 report pays particular attention to security issues facing companies as the threat landscape transitions away from conventional malware to more dynamic threats.
“Today’s threats can outsmart old one-dimensional security approaches, regardless of how strong everyone thinks they are. Phishing, lists of pre-compromised accounts and networks sold online, and other resources make breaching a government or Fortune 500 company within reach of a lot of different attackers,” said F-Secure Security Advisor Sean Sullivan. “We’re in a post-malware world because the threat landscape has industrialized, and cyber criminals aren’t only relying on the most common types of malware to make money.”
The report provides data and insights on the key issues cyber security researchers and experts see dominating the threat landscape. Some key findings from the report include:
- A majority of active reconnaissance traffic in 2016 came from IP addresses in just 10 countries, with Russia, the Netherlands, the United States, China, and Germany being hotspots for these activities
- Outdated versions of Android continue to expose mobile devices to risks, with Indonesia having the largest proportion of outdated Android devices in use, while Norway has the smallest
- Most cyber attacks are performed with basic, scriptable techniques against poorly maintained infrastructure
- 197 new ransomware families were discovered in 2016 compared with just 44 in 2015
- Exploit kit usage declined during 2016
The report also contains features on notable events and trends from 2016, including information on Mirai-based botnets, upstream attacks, cyber crime, and general IT trends that are shaping the threat landscape. Several other organizations also contributed articles to the report, including the Finnish Communications Regulatory Authority, Virus Bulletin, and AV-TEST.
According to F-Secure Security Expert Andy Patel, the report was written to send a message to defenders about the importance of risk management. “Commodity malware, like ransomware, is still prevalent. And endpoint protection is great at protecting users from those threats. But defenders need to think about threat assessment, penetration testing, breach detection, incident response, and crisis management if they want cyber security plans they can count on when attackers wise up to their defenses.”
“The bomber will always get through, so defenders better be ready for it,” added Patel.
F-Secure State of Cyber Security 2017 report
F-Secure is a leading cyber security company with decades of experience in defending enterprises and consumers against everything from opportunistic ransomware infections to advanced cyber attacks. Its comprehensive set of services and award-winning products use F-Secure’s patented security innovations and sophisticated threat intelligence to protect tens of thousands of companies and millions of people. F-Secure’s security experts have participated in more European cyber crime scene investigations than any other company in the market, and its products are sold all over the world by over 200 operators and thousands of resellers.
Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.
F-Secure media relations
+358 40 637 8859
Latest Press Releases
New service quantifies breach impact in real numbers before it happens, empowering decision makers to invest in the right security controls.
F-Secure’s flagship products now enable parents to set boundaries online the way they do in the real world
Social engineering is simple these days, and spam has re-surged as an attack vector.
Insecure IP cameras are yet another example of IoT devices that are not built to withstand the threat landscape of the internet.