The internet has never been an especially safe place, but at least one small corner of it–email–was less perilous for most users in 2017.
That’s not to say that hackers aren’t actively using email for criminal activities, like delivering malware. They are. But according to the 2018 Trustwave Global Security Report, spam (as a percentage of inbound email) dropped to a 10-year low of 39 percent in 2017. That’s a sharp decrease from 59 percent in 2016, and a nosedive from 87 percent in 2009, according to an analysis from Trustwave, a Chicago, Il.-based information security company.
Why the dramatic decline? There are three factors at play, according to the company: a shift in the economics of the underground spamming ecosystem; increased attention from law enforcement; and the dormancy of the Necurs botnet, a wildly effective distributor of ransomware, spam, and malware.
Still, there’s no reason to get comfortable and complacent just yet, according to Trustwave.
“The start-and-stop nature of the [Necurs] botnet makes it difficult to conclude the decline represents an actual decrease in activity or shrinkage of the botnet.”
The threat level on email may have been low(ish) last year, but that was not true for peripheral devices. While consumer demand grows for smart, internet-connected products–including everything from refrigerators to kids’ toys–the Internet of Things (IoT) has become a ripe target for attackers. Over the course of 2017, Trustwave SpiderLabs published two advisories on weaknesses in Netgear routers and Brother printers. (Trustwave says that Netgear subsequently released a firmware patch for the company’s routers, but Brother has yet to release a patch for its printers.)
“Devices are particularly vulnerable due to lack of hardening in their software and the difficulty of distributing software updates to them,” the report said.
Another area of concern: web-based applications. Of all the applications that Trustwave scanned in 2017, 100% of them had at least one vulnerability. The median number of vulnerabilities identified in each application was 11, but the highest number of vulnerabilities detected in a single application was a breathtaking 154. Most application vulnerabilities, according to Trustwave, were related to improper handling of HTTP (hypertext transfer protocol) cookies, which could allow an attacker to eavesdrop on a session.
As for predicting the future of internet security, Trustwave is not optimistic.
“We’ve never seen the threat landscape get better over time and see no reason to believe that will change in the future… Overall, targeted attacks are on the rise, and attackers continue to grow more sophisticated.”