2019's top cyberattack techniques

By Ian Barker
Published 4 years ago

Cyber attack

Recorded Future has been logging sandbox submissions from its platform as mapped to the MITRE ATT&CK framework over 2019 and has released a list of the most frequently referenced tactics and techniques.

The most common tactic in the results is Defense Evasion and the most common technique Security Software Discovery. Defense Evasion involves avoiding detection by, among other things, hiding in trusted processes, obfuscating malicious scripts, and disabling security software.

The next most common tactic, Discovery, involves knowledge and understanding of a victim network or host.

The researchers suggest Defense Evasion's dominance on this list indicates one of three things: a heightened concern among cyberattackers with security solutions; an improvement in network defenses up to the present; or both.

Nearly all of the top 10 techniques were found to be associated with many prominent malware variants in the sandbox results. These include trojans like Emotet, Trickbot, and njRAT; botnets like Gafgyt and Mirai; and cryptocurrency miners like Coinminer. Out of approximately 1,180 separate malware variants in our sandbox results, the top referenced malware variants were Trickbot, Coinminer, and njRAT/Bladabindi.

"The MITRE ATT&CK knowledge base provides a common language for the cybersecurity community to use when describing adversary behaviors," says Jon Baker, MITRE department head for adversary emulation and orchestration. "We continue to be inspired by the ways the entire community is using ATT&CK to improve their defenses."

In many cases, the operation of these attack techniques involves the use of legitimate software capabilities, which can make purely signature-based detection difficult, if not impossible, in recognizing malicious activity. Overall, effective mitigation of these techniques requires a defense-in-depth approach and high familiarity with normal network configurations and activity.

2019's top cyberattack techniques

Recent Headlines

Ubuntu Linux-based Voyager 24.04 LTS unites GNOME and Xfce

Kioxia unveils TransMemory U304 USB flash drive

Microsoft and Estée Lauder transform the beauty industry with AI

Microsoft and IBM open source MS-DOS 4.00

Software file converters: How they work and why you need them

Human risk management automation can help beat burnout

Vivaldi 6.7 debuts Memory Saver performance booster, expands Feed Reader capabilities

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE