Key Findings
Finding 1
The interval between disclosure of a vulnerability and successful exploitation of this vulnerability was shortened to hours, posing the greatest challenge to traditional security operations.
Finding 2
DDoS attacks continued to expand in size and DDoS -as -a-ser vice experienced a fast growth. Reflection attacks declined, indicating that network governance to re-mediate many reflection sources (such as securing DNS servers) was very successful.
Finding 3
While new threats related to IoT saw a sharp rise, traditional threats were still very prevalent and active. Among all active malware families in 2018, backdoor exploitation was the most popular, followed by cryptominers and worms. Of all active worms, over 60% of the stains seen had been active for over five years.
Finding 4
The number of device vulnerabilities increases year over year. Hackers typically exploit vulnerabilities seen in mainstream network and IoT devices like routers and cameras. The large number and wide distribution of network/IoT devices as well as the rapid expansion of the Internet have made threats caused by the exploitation of device vulnerabilities greater than ever. Broader detection methods as well as better upgrade/protection schemes need to be put in place.
Finding 5
More than half of compromised IoT devices were exploited for DDoS attacks due to these IoT devices not being properly secured.
To be continued.