Quarterly Threat Report:
Q4 and 2017 Wrap-Up

The Wild Ride That Was 2017:

Industry selfies, EternalBlue, and what's ahead

The past year was seemingly as far from "business as usual" as we could have imagined. Having visibility into the right data and event sources was a key theme throughout the year, and we'd be remiss if we didn't emphasize the role the Shadow Brokers dump had from April onward. For the final Quarterly Threat Report of 2017, we wrap up the year with:

  • Workday patterns in incident frequency
  • Threats facing the real estate and construction industries
  • EternalBlue exploits by ASO
  • Raising a toast to the defenders who are changing the game

Download the latest report for a breakdown of the threat landscape organizations faced during Q4 of 2017, as well as trends our team saw carry throughout the year. To learn more about our research methodologies and review the first three quarters of 2017 in more detail, visit our Threat Report home page.

Webcast: Hear from the experts

Register and listen now.

Blog: Our first annual wrap-up

Rebekah Brown, threat intelligence lead at Rapid7, summarizes how 2017 was one for the books. Hear her key takeaways from 2017 in this blog post

There was a marked “flip” in remote entry, along with a spike in threat probing and a flattening of threat movement all around Q4 of 2017.

– Rapid7 Quarterly Threat Report: Q4 and 2017 Wrap-Up

There has been a significant increase in intrusion attempts against the real estate sector during 2017 and leading into 2018, which was one of the largest changes in targeting across all of the sectors.

– Rapid7 Quarterly Threat Report: Q4 and 2017 Wrap-Up

We have also seen a high volume of EternalBlue Exploitation attempts—the highest out of any exploit we see across Project Heisenberg.

– Rapid7 Quarterly Threat Report: Q4 and 2017 Wrap-Up