Venafi, the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) security solutions, is celebrating Black Hat’s "Sweet 16" with the release of its latest report, "16 Years of Black Hat - 16 Years of Attacks: A Historical Overview of the Evolving Cyberattack Landscape." The report chronicles the last 16 years of attacks, threats and exploits, and analyzes how they’ve evolved and intensified over time. The report also offers advice to enterprises on how to better defend against a new era of attacks that increasingly leverage unprotected cryptographic keys and digital certificates—the security technologies that form the foundation of IT security and online trust.
Report readers will learn about the history and evolution of attacks and the changing faces of the attackers. They will also realize that criminals have used every weapon in their arsenal—from malware and Trojans to attacks on trust—in order to make a name for themselves, disrupt business and steal data and state secrets. The report shows that as enterprises have responded, advanced attackers have had to develop new and more resistant attack and evasion methods. More recent persistent and targeted attacks demonstrated a range or attack methods and provided powerful blueprints for more common cybercriminals.
“State-backed and organized cybercriminals learned from early hackers that their vast resources could be used for a variety of nefarious, disruptive or lucrative activates. Common criminals looking for the path of least resistance have mimicked advance attack methods. This, coupled with organizations’ failure to secure and protect keys and certificates has left the front doors open for attackers to enter at will and pilfer whatever sensitive data they want, whenever they want,” said Jeff Hudson, Venafi CEO. “Organizations must stop blindly trusting keys and certificates, and take steps to understand how these attacks work and what they can do to defend against them. Otherwise, they are a vulnerable target to anyone with a cause, computer and Internet connection.”
Chronicled in the report are the different eras of attacks and attackers, with factual examples of attacks and exploits from each period, including overviews of the CIH computer virus, Melissa, Code Red, MD5, Aurora, Stuxnet and Flame. Historical eras include:
- 1997–2003: VIRUSES, WORMS AND A LITTLE DENIAL
- 2004–2005: THE BIRTH OF FOR-PROFIT MALWARE
- 2007–2009: THE RISE OF APTS
- 2010–PRESENT: ASSAULT ON TRUST USING KEY AND CERTIFICATE-BASED ATTACKS
To access “16 Years of Black Hat – 16 Years of Attacks: A Historical Overview of the Evolving Cyberattack Landscape,” visit: 16 Years of Attacks