Cisco UK & Ireland Blog

Cisco’s 2019 Threat Report: What are the 5 biggest threats to plan for?

February 14, 2019

Valentine’s Day.  A day of celebrating romance, eating delicious chocolates, and…er…relentless cynicism.

My two favourite examples from this morning are my local locksmiths doing a ‘Buy One Get One Free’ on lock changes for this day only’ – one for those whose Valentine’s Day plans go slightly awry.

And a friend of mine tweeting that all the elderly couples sharing their stories of how they fell in love in When Harry met Sally probably aren’t with us any more…

I don’t begrudge anyone celebrating Valentine’s, but I’m certainly on the cynics’ side when it comes to certain aspects of the day (the chocolate side I am fully on board with however).

Anyway, on this day of love, we’ve decided to launch our 2019 Threat Report.  And it got me thinking about how cynical I am about cyber criminals.  Essentially, they are going to keep up their attempts to cause chaos and steal data, despite organisations stepping up their defences.

People are often asking us, “What’s the next big threat?” or, “What are your predictions for what hackers will do in the future?”.

The best way to answer that question is to look back at what the bad guys have already done (and, unfortunately, done well) – because that’s the closest we’ll get to predicting the future without the use of a crystal ball. Cyber criminals are just like the rest of us in that respect.  Found something that works? Do it again. And again.

Essentially, they are always looking for gaps. For weaknesses.

Our new threat report contains intricate and revealing details on five cyber threats.  We’ve chosen to focus on these particular threats, not just because they were big events, but because we think that these threats, or something similar, could very well appear again in the near future.

Namely, these are:

  • Emotet, a trojan involved in malware distribution
  • VPNFilter, a modular IoT threat.
  • Unauthorised Mobile Device Management
  • Cryptomining.
  • Olympic Destroyer, an example of destructive cyberattack campaigns

These five threats are important for the attack trends they represent. Take modular threats, for example. These download plugins or other threats, depending on either the type of device infected or the intended goals of the attackers.

  • VPN Filter’s third stage was dedicated to pulling down plug-ins to help the attackers achieve their intended goal.
  • Emotet’s distribution system allowed for multiple payloads, from infostealers to ransomware, depending on the type of system it infected.
  • The successful installation of unauthorized mobile device management (MDM) profiles opens the door for an attacker to install any sort of malicious app he or she wishes.

We saw plenty of such modular threats in 2018, and we would be surprised if we didn’t see more in the future.

For the full threat report (it’s about a 10 minute read) please visit

Leave a comment


  1. Great report!