Webroot Threat Report: Mid-Year Update

The act of prediction, itself, is the application of probability to determine what might happen. For example, if a person takes an action once, you might expect them to do it again. However, if that action caused a poor or negative result, you’d most likely expect the person not to do it again. Now, let’s make it more complex. Say that the person has taken the action in some situations, but not in others. By analyzing the details of each situation, determining the differences and factors in each one, you could begin to predict the likelihood of the person’s actions in a given context. Thus, to make a reasonable prediction for the future, you must have clear insight into past events, complete with context.

In essence, that is what Webroot strives to do with threat intelligence. By examining internet data and objects to determine threat trends, we can calculate the probability of future threat behavior. As millions of websites, domains, and IP addresses change state from benign to malicious and back, we can analyze trends and map the relationships between them, as well as with other internet objects, such as files and applications. This, in turn, allows us to better predict the potential for benign websites and IPs to turn malicious and vice versa, and even predict where future attacks may originate.

Upon examining our threat intelligence data from the first half of 2019, it’s fairly clear the trends we’ve observed over the last several years are still going strong. In particular, we’ve continued to see increases in polymorphism, phishing, and attack innovation overall.

This mid-year update to the annual Webroot Threat Report showcases data from the Webroot® Platform, our advanced machine learning-based threat analysis architecture, as well as trends, insights, and predictions from the Webroot Threat Research Team