… Iranian hackers so it’s all in Persian and includes about 100,000 people, she said.
In terms of ransomware, in 2018 it became more sophisticated because the threat actors realized that fewer people pay the ransom, she said.
“So they decided to just make these attacks more targeted because there are specific organizations [that] would more likely pay the ransom, especially if they attack specific assets within their environment,” Horowitz said. “If it’s a hospital and the backup servers are down, there’s a good chance they would pay and pay more. There are attacks in which victims pay about $200,000, while with WannaCry, which was a huge attack with hundreds of thousands of victims, they only gained $150,000 in total. So when you do put more effort into an attack and do something that’s more unique, that’s more advanced, chances are from one attack you can get more money. So we see both, but the majority of the attacks are just using very common tools.”
One positive note in the research is that while there are more attacks, some of them use the same tools, and so “for us it sometimes means it’s actually easier to create the defense,” she said.
“As a security company, we have to chase after [fewer] types of tools,” Horowitz said. “Of course, there are still hundreds of malware families that we see every single day, but it’s actually good in some ways if they collaborate and share, or get lazy.”
Yariv Fishman, Check Point’s head of cloud security product management, said IoT attacks grew by more than 200 percent last year.
“IoT devices have no protection, cannot be updated and cannot protect themselves,” he said. “Those devices extend the attack surface because there’s no defense, and … there’s no visibility into those devices, so you can’t protect if you don’t know where they are.”
The sixth generation of threats encompasses IoT, and combating it involves having a comprehensive view of devices to see where they’re coming from and who they are communicating with, Fishman said.
“If I know how a device is supposed to act and find an anomaly, I can block that device,” he said.
Check Point is CompuQuip Cybersecurity‘s flagship product, and the company offers a portfolio of managed security products. Richardo Panez, its director of sales, said his company’s customers are concerned about visibility, understanding what’s going on in their environment and “getting clear input into what has taken place, what incidents could have potentially taken place, what has been stopped and when it’s been stopped.”
“Now they’re at a stage where they have five or six cybersecurity tools and they need to get some visibility across those tools … so we’re helping them with that,” he said. “We counted about 200 customers and we have not had an incident in all of 2018.”