• Skip to primary navigation
  • Skip to main content
  • Skip to footer

Cisco Umbrella

Enterprise network security

  • Contact Sales
  • Login
    • Umbrella Login
    • Cloudlock Login
  • Search
Search
  • Why Us
    • Why Cisco Umbrella
      • Why Try Umbrella
      • Why DNS Security
      • Why Umbrella SASE
      • Our Customers
      • Customer Stories
      • Why Cisco Security
    • Fast Reliable Cloud
      • Global Cloud Architecture
      • Cloud Network Status
      • Global Cloud Network Activity
    • Unmatched Intelligence
      • A New Approach to Cybersecurity
      • Interactive Intelligence
      • Cyber Attack Prevention
      • Umbrella and Cisco Talos Threat Intelligence
    • Extensive Integrations
      • IT Security Integrations
      • Hardware Integrations
      • Meraki Integration
      • Cisco Security for Chromebook
  • Products
    • Cisco Umbrella Products
      • Cisco Umbrella Cloud Security Service
      • Recursive DNS Services
      • Cisco Umbrella SIG
      • Umbrella Investigate
      • What’s New
    • Product Packages
      • Cisco Umbrella and Cisco Secure Access Packages
      • – DNS Security Essentials Package
      • – DNS Security Advantage Package
      • – SIG Essentials Package
      • – SIG Advantage Package
      • Umbrella Support Packages
      • Cisco Umbrella for Government Packages
    • Functionality
      • DNS-Layer Security
      • Secure Web Gateway
      • Cloud Access Security Broker (CASB)
      • Cloud Data Loss Prevention (DLP)
      • Cloud-Delivered Firewall
      • Cloud Malware Protection
      • Remote Browser Isolation (RBI)
    • Man on a laptop with headphones on. He is attending a Cisco Umbrella Live Demo
  • Solutions
    • SASE & SSE Solutions
      • Your SSE journey with Cisco
      • Cisco Umbrella SASE
      • Secure Access Service Edge (SASE)
      • What is SASE
    • Functionality Solutions
      • Web Content Filtering
      • Secure Direct Internet Access
      • Shadow IT Discovery & App Blocking
      • Fast Incident Response
      • Unified Threat Management
      • Protect Mobile Users
      • Securing Remote and Roaming Users
      • Umbrella and Duo Layered Protection
    • Network Solutions
      • Guest Wi-Fi Security
      • SD-WAN Security
      • Off-Network Endpoint Security
    • Industry Solutions
      • Government and Public Sector Cybersecurity
      • Financial Services Security
        • – FTC Safeguards Rule Compliance 2023
      • Cybersecurity for Manufacturing
      • Higher Education Security
      • K-12 Schools Security
      • Healthcare, Retail and Hospitality Security
      • Enterprise Cloud Security
      • Small Business Cybersecurity
  • Resources
    • Content Library
      • Top Resources
      • Research Reports
      • Case Studies
      • Videos
      • Datasheets
      • eBooks
      • Solution Briefs
      • Cybersecurity Webinars
    • International Documents
      • Deutsch/German
      • Español/Spanish
      • Français/French
      • Italiano/Italian
      • 日本語/Japanese
    • Security Definitions
      • What is DNS Security
      • What is a Secure Web Gateway
      • What is a Cloud Access Security Broker (CASB)
      • What is Security Service Edge (SSE)
      • What is Secure Access Service Edge (SASE)
      • Cyber Threat Categories and Definitions
    • For Customers
      • Support
      • Customer Success Webinars
      • Free Trial Quick Start Guide
      • Free Trial Help and Tips
  • Trends & Threats
    • Market Trends
      • Generative AI Cybersecurity Risks and Rewards
      • Hybrid Workforce
      • Rise of Remote Workers
      • Secure Internet Gateway (SIG)
    • Security Threats
      • How to Stop Phishing Attacks
      • Malware Detection and Protection
      • Ransomware is on the Rise
      • Cryptomining Malware Protection
      • Cybersecurity Threat Landscape
      • Global Cyber Threat Intelligence
    •  
    • Woman connecting confidently to any device anywhere
  • Partners
    • Channel Partners
      • Partner Program
      • Become a Partner
    • Service Providers
      • Secure Connectivity
      • Managed Security for MSSPs
      • Managed IT for MSPs
    •  
    • Person looking down at laptop. They are connecting and working securely
  • Blog
    • News & Product Posts
      • Latest Posts
      • Products & Services
      • Customer Focus
      • Feature Spotlight
    • Cybersecurity Posts
      • Security
      • Threats
      • Cybersecurity Threat Spotlight
      • Research
    •  
    • Register for a webinar - with illustration of connecting securely to the cloud
  • Contact Us
  • Umbrella Login
  • Cloudlock Login
  • Free Trial
Clearing search keywords

Cybersecurity threat landscape

Scaling for threats in motion

Download the report

The threat landscape continues rapid evolution

Cyber attackers are producing new tricks. In our most recent report, we dive into the latest major threat trends:

  1. Trojans and droppers are being re-used

  2. Multi-staged attacks are becoming the norm

  3. Cryptomining leads to other cyber threats

  4. Pandemic topics open new attack routes

Download the report

Change told by the numbers

91%

of customers saw a domain linked to malware in 2020

2x

Cryptomining attack query volumes twice as large as next greatest attack type

40%

Phishing threats jumped 40% between 2019 and 2020, driven partly by pandemic themes

Trend #1: Repurposing trojans and droppers for new forms of malware delivery

Attackers are using and re-using malware that has been proven to deliver results. They’re doing this as part of a larger, orchestrated attack chain. Two major reasons for their success are:

  • Their ability to deploy follow-up malware that does further damage down the cyber attack chain
  • Their highly distributed command-and-control (C2) infrastructure makes take-down harder
From the Cybersecurity Threat Landscape Report: The distribution of Emotet C2 loaders is shown by green circles on gray continents of this map of the globe.


Trend #2: Orchestrated, multi-staged, and evasive attacks are becoming the norm

Attackers are employing complex attacks that use new delivery mechanisms such as macros and other legitimate application functionality to:

  • Evade detection
  • Hide the theft of data
  • Coordinate through command and control servers


“Cybersecurity professionals need new tricks to sort the hidden bad actors . . . One tool that could reveal these hidden threats is the use of entropy.”

-Shyam S. Ramaswami
Security Researcher, Cisco

Download the report Read the blog


Trend #3: Cryptomining opens the door to other cyber threats

Some think that cryptomining is not a big concern. But there are situations that pose more risk, such as cryptomining software that, when loaded, becomes the first step in a multi-staged attack on your infrastructure.


From the Cybersecurity Threat Landscape Report: This graph shows jumps in malicious query traffic by geographic region over several months. North America has exponentially more malicious traffic than EMEA, APJC or LATAM.

Trend #4: Attackers using pandemic-related themes to pick the cyber locks

The pandemic has a lot of people on edge. Bad actors are taking advantage of our interest in the topic and setting up numerous sites to phish for credentials and drop malware.

Key takeaways

The world is changing, threats are changing, and you should be changing too.

Woman looking confidently out at camera

SASE solutions

Implement scalable first-line-of-defense tools, like cloud security technologies and Secure Access Service Edge (SASE) solutions

Brain illustration

Interactive threat intelligence

Leverage timely, accurate threat intelligence that allows for data to be incorporated into security monitoring.

Gears illustration

Automated prevention

Embrace automated event sequencing and machine learning to prevent attacks

Download the report Start a free trial

Follow Us

Facebook X LinkedIn Youtube

Footer Sections

What we make

  • Cloud Security Service
  • DNS-Layer Network Security
  • Secure Web Gateway
  • Security Packages

Who we are

  • Global Cloud Architecture
  • Cloud Network Status
  • Cloud Network Activity
  • OpenDNS is now Umbrella
  • Cisco Umbrella Blog

Learn more

  • Webinars
  • Careers
  • Support
  • Cisco Umbrella Live Demo
  • Contact Sales
Umbrella by Cisco
208.67.222.222+208.67.220.220
2620:119:35::35+2620:119:53::53
Sign up for a Free Trial
  • Cisco Online Privacy Statement
  • Terms of Service
  • Sitemap

© 2025 Cisco Umbrella