Threat Intelligence

Beyond Opportunistic: How the Threat Landscape Is Evolving

Chester Wisniewski of Sophos Describes the 'Blended Threat'
Chester Wisniewski, principal research scientist, Sophos

The threat landscape continues to evolve, says Chester Wisniewski of Sophos. "The more professional, the more skilled criminals out there are moving, seemingly, away from this 'spray and pray' mass exploitation approach and getting more targeted. It's what I call a blended threat,” he says.

"It begins out opportunistic, meaning they may just be scanning the internet for people that are running a particular kind of database that has a vulnerability or they may be looking for insecure open remote access things like RDP. But once they find that you've left the door ajar … then a human being takes over and that human being is one, going to go for the easiest targets in your organization, and two, they're going to be much more selective on how they go about it. It's sort of like a malicious penetration test."

In a video interview at the recent Infosecurity Europe conference, Wisniewski discusses:

  • How ransomware attackers are shifting from email distribution to directly infecting servers;
  • Why identity and authentication is increasingly a social problem;
  • As attackers shift tactics, identifying which processes and security policies to adjust.

Wisniewski is a principal research scientist in the Office of the CTO at Sophos. He's been a featured speaker at RSA, Infosecurity Europe, LISA, USENIX, Virus Bulletin and many Security BSides events around the world in addition to regularly consulting with NPR, CNN, CBC, The New York Times other media outlets.

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.