Malicious cryptomining sees huge decrease according to Skybox Security Report

By Amber Donovan-Stevens
Today skybox security announced in its mid-year update to the 2019 Vulnerabi...

Today skybox security announced in its mid-year update to the 2019 Vulnerability and Threat Trends Report, that there has been a considerable drop in the number of malicious cryptominers. In 2018, malicious cryptomining was the largest problem area with regard to cybercriminals, and has since dropped down to just 15%. 

Despite the decrease in malicious cryptomining, there has been a considerable increase in vulnerabilities in cloud containers by as much as 48%, according to the report, and 240% since 2017. 

“Cloud technology and adoption has obviously skyrocketed, so it’s no surprise that vulnerabilities within cloud technology will increase,” said Skybox Director of Threat Intelligence Marina Kidron. “What is concerning, though, is that as these are published, the race is on for attackers to develop an exploit because launching a successful attack on a container could have much broader consequences. Compared to other technology, containers can be more numerous and quickly replicated. The attack footprint could expand rapidly, and number of victims may be extremely high.”

“Container vendors put a great deal of attention to securing their products in the first place,” said Amrit Williams, VP of products. “But that also means reporting vulnerabilities when discovered. It’s critical that customers have a way to spot those vulnerabilities even as their environment may be changing frequently. 

SEE MORE:

“They also need to assess those vulnerabilities’ exploitability and exposure within the hybrid network and prioritize them alongside vulnerabilities from the rest of the environment — on prem, virtual networks and other clouds.”

“More than 7,000 new vulnerabilities were discovered in the first half of 2019 — that’s still significantly more than figures we’d see for an entire year pre-2017. So organizations are likely still going to be drowning in the vulnerability flood for some time,” said Ron Davidson, Skybox CTO and VP of R&D. “Roughly a tenth of these have an exploit available and just one percent are exploited in the wild. That’s why it’s so critical to weave in threat intelligence into prioritization methods, and of course consider which vulnerable assets are exposed and unprotected by security controls.”

 

Share
Share

Featured Articles

Microsoft in Japan: $2.9bn Investment to Boost AI & Cloud

Microsoft has announced it is investing US$2.9bn over the next two years to increase its hyperscale cloud computing and AI infrastructure in Japan

Amazon CEO Andy Jassy: Future of Gen AI to be Built on AWS

Describing it as the largest technology transformation since the cloud, Amazon CEO Andy Jassy explains how AWS aims to power the Gen AI revolution

Apple Bringing Spatial Computing to Business With Vision Pro

Apple has announced how its Vision Pro is bringing a new era of spatial computing to business, working with companies like SAP, Microsoft, Nvidia and Cisco

Top 100 Women 2024: Beth Galetti, Amazon - No.3

AI & Machine Learning

Google Cloud Next 2024: Pushing the Next Frontier of AI

AI & Machine Learning

Top 100 Women 2024: Ruth Porat, Google - No.2

Digital Transformation