Quarterly Threat Report: 2017 Q3

PsExec, Malware Detection Ratios, and Top Threats per Industry

After a springtime of ransomworms and destructive malware, the third quarter of 2017 saw a continued spread of ransomware, new flaws in major protocols, and significant data loss events for many large organizations. It was an eventful quarter on top of an already eventful year, which brings us back to our original mission for these quarterly threat reports: to paint a less chaotic picture of the threat landscape. For 2017 Q3 Threat Report, we dive into:

  • Threat distribution by industry
  • Trends in SMB and RDP traffic
  • The opportunity to compromise—and protect—service accounts
  • Lessons learned and predictions

Download the latest report for a breakdown of the threat landscape organizations faced during 2017 Q3, as well as our key findings and takeaways. To learn more about our research methodologies and how 2017 Q3 stacks up against the first half of the year, visit our Threat Report home page.

Webcast: Hear directly from the researchers

Register and listen now.

Blog: Simplicity, Harmony, and Opportunity

Rebekah Brown, threat intelligence lead at Rapid7, discusses how she and the team converted the clutter that was 2017 Q3 into focused takeaways. Check out the blog post to learn more.

Industry “heavy hitters” (financial, professional, and retail) were still batting at professional levels across a wide spectrum of threat events.

– Rapid7 Quarterly Threat Report 2017 Q3

Keen observers will notice … that the diversity of threat events has grown across many industries.

– Rapid7 Quarterly Threat Report 2017 Q3

One thing has become clear over the past few quarters (and years): attackers don’t always need to create their own specialized tools to compromise or move around in the networks they target.

– Rapid7 Quarterly Threat Report 2017 Q3

Despite the attack vectors used in recent headline-grabbing breaches, adversaries continue to rely on a familiar pattern of compromising humans to eventually be in a position to install malware that gains them a foothold in an organization’s network.

– Rapid7 Quarterly Threat Report 2017 Q3