It’s that time of year again, just after Cybersecurity Awareness Month and just before Black Friday…
…time for the latest Sophos Threat Report.
We know what lots of you are thinking.
Here come pages and pages of thinly disguised product pitches, setting aside science for sensationalism and advice for advertising.
Well, it’s not like that at all!
In fact, rather than write a report about what’s in the report, we’ll let our good friend and colleague Chester Wisniewski, whom many of you already know, tell you in just 2’20” (that’s the video length limit for Twitter, in case you were wondering) what you’ll learn if you read it:
As Chester explains, we’ve covered five main topics: ❶ Malware, ❷ Mobile, ❸ Machine Learning and AI, ❹ Ransomware (because we simply couldn’t not give it a section of its own), and ❺ Where next?
Indeed, the report isn’t just one researcher’s work, or even one department’s work, but the combined effort of SophosLabs, Sophos Managed Threat Response, Sophos Rapid Response, and Sophos Artificial Intelligence.
And as our CTO Joe Levy states in his introduction, at Sophos we strive for credibility (so that we mean what we say), transparency (so that we say what we mean), and scientific rigour (so that we take care to say only what we know).
But don’t take Joe’s word for it… read the report and see how we live up to those three principles!
Learn more
By the way, after you’ve read through the report, we hope you’ll think, “It would be great to learn more about what makes threat researchers tick in general, as much as to learn what they’ve been up to for the past year.”
Rather than summarise the report here (there’s a great synopsis over on our sister site Sophos News), we thought we’d pick four Serious Security articles from the past year to complement it.
So, to give you an idea of the spirit of the “how” behind the “what”, we thought you might also enjoy these articles as an interesting and informative followup:
- Serious Security: Webshells explained in the aftermath of HAFNIUM attacks
- Serious Security: Mac “XcodeSpy” backdoor takes aim at Xcode devs
- Serious Security: The Linux kernel bugs that surfaced after 15 years
- Serious Security: OpenSSL fixes two high-severity crypto bugs
And for a bit of fun to finish with, here’s a reminder of why simply being interested in quirky facts about science and the history of science can help you to do cybersecurity better:
Where next?
Cybersecurity really is a journey and not a destination.
The crooks have shown that they’re willing to learn and adapt their attacks, so we need to make sure we learn and adapt, too.
Yes, we’re proud of the work we do at Sophos to learn and adapt, and we hope the Threat Report makes that clear, but we’re just as proud of of our many readers, followers, customers and fellow travellers for being willing to learn and adapt, too.
Happy Threat Report Day!
David Urmston
Very much appreciate the insiders view of computer security. I feel that I am informed by professionals which helps me to perform like a professional in my day to day activities.
Paul Ducklin
Thanks for your kind words. As important and as necessary as the technological smarts of technology companies might be in fighting cybercrime, I still think that our best collective defence against cybercriminals is for *all* of us to lift our game, even if it is only by a little bit each time… in the same way that when the bar is raised in an athletics event like high jump or pole vault, it is raised all along its length, to the point that a final increment of just 2cm can mark the sudden end of the competition, where the challenge suddenly becomes too hard for everyone. Buf if you were to lift the bar by a whole metre at each end while leaving the middle part sagging down to its old height, jumpers would still have a good chance of getting over.
(I’m not sure, now I read this back, that sporting analogies really are the best fit for IT, but I am going to stick with it anyway :-)
Dave Sykes
A DVR running Linux on my network was hit with Mirai a few years ago. I noticed that traffic from the device was large and constant. Since there was no need to have the device on the network, I disconnected it until we purchased a new security system.