- In 2016, the top five most successful iterations of malware are all Trojan Horses that have been around for a year or more, according to the second edition of the "Hacker’s Playbook," a collection of data about enterprise trends and risks released this week.
- This year’s most successful malware so far includes Citadel, Dridex, Hesperbot, SpyEye and Cryptolocker.
- The playbook also revealed that Windows Script Files and MS Word document macros provide a successful entry point for a huge amount malware.
The bottom line? None of the most damaging threat vectors are anything new. Instead, hackers have just learned to modify their tactics to avoid detection. With more savvy hackers, security industry must also shift tactics to keep up.
"I think what we're seeing here is a security industry that is outsmarting itself — and its customers," said Itzik Kotler, co-founder and CTO at SafeBreach. "Security vendors are chasing the latest threats and introducing extreme innovations but also complexity in deployment, alerts and misconfiguration. The bad guys know this; and they are preying on that with great success."
The playbook explores nearly 4 million breach methods executed in real enterprise networks between January and September 2016.