Sophos gives a comprehensive review of cyber threats and events over the past two decades and shows the various epochs in which worms, Stuxnet and ransomware dominated
The end of the year is always a good time to look at the current cyber threat landscape and make predictions about where it could head. Annual reports like the Sophos 2021 Threat Report support this process. They provide a clear overview of the most important threat events over the past twelve months and show trends and future protective measures. But looking back over several years offers a valuable additional perspective and enables us to understand how various cyber threats and the behavior of attackers emerge and evolve. In addition, a longer-term review provides additional context and important insights into current and future developments.
Report "Cyberthreats: A 20-Year Retrospective"
The new report "Cyberthreats: A 20-Year Retrospective" by John Shier, Senior Security Advisor at Sophos, provides a detailed overview of the cyber threats and events that have had the greatest impact on the security landscape over the past 20 years. The report shows how quickly security threats are changing, how attackers are learning from the past and evolving at an ever increasing pace.
Cyber Threat: Three Essential Eras
2000 to 2004
In the first few years of the millennium, worms after worms were unleashed on the world. They raged on the internet with infection rates that could double in less than ten seconds. About ten percent of all hosts connected to the Internet were affected, and at some point worms were responsible for 25 percent of all spam mail. Many abused vulnerabilities for which patches were already available. At least one showed a constant trend towards outwitting security detection. These worms had a combined total of around $ 100 billion in damage control costs. They paved the way for botnets that spread spam on a massive scale and are ruthlessly used for monetization.
2005 – 2012
This is the era when cybercrime became a business. Well-organized spammers targeted users with pharmaceutical scams and malvertising. The landscape has been forever changed by exploit kits and government sponsored threats and their advanced, expensive tools. Nicknamed "the world's largest supercomputer," the Storm botnet is estimated to have compromised between one and ten million devices. In 2009/2010, Stuxnet showed the world how cyber weapons can be used against physical systems. In addition, the rise of cryptocurrencies gave attackers a new way of making money - ransom money.
2012 until today
In the past few years, no cyber threat has been more damaging than ransomware. To date, the damage and impact of the ransom has run into trillions of dollars. In addition, there were and are the transformational attacks of Wannacry and NotPetya as well as the further development and continuation of botnets in this era. In addition, even more worms, spam and the emergence of state-sponsored cyber weapons characterize the current development. Today, online payment theft, increasingly sophisticated phishing, and the decline in online privacy are also part of the ever growing, increasingly complex threat landscape. In addition, all tools are now available as “Everything-as-a-Service” (XaaS). Cyber attacks are possible even for cyber criminals who do not have technical and intellectual know-how.
Directly to the report as a PDF at Sophos.com[starboxid=15]