Threat landscape analysis

The 2018 threat landscape was characterized by a significant change in motive of the most potent threat agents. The main observed motive was the discrete monetization motive that explicitly redefined the tactics employed by the most potent and significant threat actors. These significant threat actors as observed in 2018 were state-sponsored actors and cyber-criminals (Kettani & Wainwright, 2019). The monetization motive thus was the source of the most significant changes of the threat landscape in the year that saw the emergence and advancement of crypto-mining one of the top emerging trend in the year. Further, some of the motives of the state-sponsored actors contributed to the development of the notion that there is gradually a shift from what was considered as complex malicious infrastructures and software to a rather more low-profile form of attack in the name of social engineering (Kettani & Wainwright, 2019).

Instead having to install a malware, the cyber attacker would instead use automated algorithm that would be completed when an individual checks into a website. Unlike the past when one had to click on an advertisement on a website, crypto-jacking in 2018 only required one to check into a website and the attacker would proceed and complete the algorithm using malware buried within the JavaScript. It is the most potent attack tool and technique due to its automated nature making it quite difficult to defend against (Shad, 2019). The attack vectors that cyber criminals and state-sponsored attackers exploit included malware, key loggers and social engineering. Of these vectors, social engineering was the most widespread attack vector of 2018. Marchetto, V. An Investigation of Cryptojacking: Malware Analysis and Defense Strategies.