Threat Intelligence provides the power to protect your organization against emerging threats.
The SecureWorks® Counter Threat Unit™ (CTU) research team analyzes security threats and helps organizations protect their systems. During November and December 2016, CTU™ researchers identified lessons learned and observed notable developments in threat behaviors and the global threat landscape:
- Weak and outdated software enabled breaches
- Threat actors exploited a weak multi-factor authentication implementation and bypassed outdated antivirus software to breach organizations.
- Threat actors leveraged legitimate features
- To facilitate their activities in a compromised environment, threat actors used native system features rather than malware.
- Threat groups targeted organizations for espionage
- Government-sponsored threat groups updated their tool-sets and conducted targeted espionage intrusions against networks in the technology, manufacturing, and defense verticals.
- Shamoon wiper malware reemerged
- Destructive malware reemerged that destroyed tens of thousands of devices in 2012.
Conclusion:
Given these sophisticated attacks and increasingly adaptable threat actors, CTU researchers encourage organizations to consider the lessons learned from these incidents when designing their security protections. While implementing security best practices could limit the likelihood and impact of many intrusions, understanding and addressing threat behaviors can help organizations anticipate and disrupt potential breaches.
