Malicious cryptomining sees huge decrease according to Skybox Security Report

By Amber Donovan-Stevens
Today skybox security announced in its mid-year update to the 2019 Vulnerabi...

Today skybox security announced in its mid-year update to the 2019 Vulnerability and Threat Trends Report, that there has been a considerable drop in the number of malicious cryptominers. In 2018, malicious cryptomining was the largest problem area with regard to cybercriminals, and has since dropped down to just 15%. 

Despite the decrease in malicious cryptomining, there has been a considerable increase in vulnerabilities in cloud containers by as much as 48%, according to the report, and 240% since 2017. 

“Cloud technology and adoption has obviously skyrocketed, so it’s no surprise that vulnerabilities within cloud technology will increase,” said Skybox Director of Threat Intelligence Marina Kidron. “What is concerning, though, is that as these are published, the race is on for attackers to develop an exploit because launching a successful attack on a container could have much broader consequences. Compared to other technology, containers can be more numerous and quickly replicated. The attack footprint could expand rapidly, and number of victims may be extremely high.”

“Container vendors put a great deal of attention to securing their products in the first place,” said Amrit Williams, VP of products. “But that also means reporting vulnerabilities when discovered. It’s critical that customers have a way to spot those vulnerabilities even as their environment may be changing frequently. 

SEE MORE:

“They also need to assess those vulnerabilities’ exploitability and exposure within the hybrid network and prioritize them alongside vulnerabilities from the rest of the environment — on prem, virtual networks and other clouds.”

“More than 7,000 new vulnerabilities were discovered in the first half of 2019 — that’s still significantly more than figures we’d see for an entire year pre-2017. So organizations are likely still going to be drowning in the vulnerability flood for some time,” said Ron Davidson, Skybox CTO and VP of R&D. “Roughly a tenth of these have an exploit available and just one percent are exploited in the wild. That’s why it’s so critical to weave in threat intelligence into prioritization methods, and of course consider which vulnerable assets are exposed and unprotected by security controls.”

 

Share
Share

Featured Articles

TECH LIVE LONDON: An overview of the hybrid technology show

We take a look at the first day of Tech Live London with insights from technology leaders from companies such as IBM, Microsoft and Vodafone

TECH LIVE LONDON: Begins tomorrow at 10am!

Our marquee technology event is nearly here. There's still time to claim your free ticket (worth £295). Look forward to welcoming you to the Tobacco Dock!

Executive Q&A: Marc Lueck, CISO EMEA, Zscaler

As we prepare to welcome the Zero Trust leaders to TECH LIVE LONDON this June 23-24, we take the opportunity to chat to Zscaler CISO of EMEA, Marc Lueck

TECH LIVE LONDON: Registering, networking and logistics

Digital Transformation

New speaker from Infosys announced for TECH LIVE LONDON!

Digital Transformation

New speaker from Bernadette announced for TECH LIVE LONDON!

Digital Transformation