Threat landscape report reveals that cyber attacks per company increased by 82 percent in Q4 2017>
Continuity Central
Fortinet has published the findings of its latest Global Threat Landscape Report: the research reveals that attacks per company increased significantly over the previous quarter. In addition, automated and sophisticated swarm attacks are accelerating making it increasingly difficult for organizations to protect users, applications, and devices. The sophistication of attacks targeting organizations is accelerating at an unprecedented rate. Digital transformation isnât just reshaping business, cyber criminals are leveraging the expanding attack surface it creates for new disruptive opportunities to attack. They are implementing newer swarm-like capabilities while simultaneously targeting multiple vulnerabilities, devices, and access points. The combination of rapid threat development combined with the increased propagation of new variants is increasingly difficult for many organizations to combat. An average of 274 exploit detections per company were detected, which is a significant increase of 82 percent over the previous quarter. The number of malware families also increased by 25 percent and unique variants grew by 19 percent. The data not only indicates growth in volume, but also an evolution of the malware as well. In addition, encrypted traffic using HTTPS and SSL grew as a percentage of total network traffic to a high of nearly 60 percent on average. While encryption can certainly help protect data in motion as it moves between core, cloud, and endpoint environments, it also represents a real challenge for traditional security solutions. Three of the top twenty attacks identified targeted IoT devices and exploit activity quadrupled against devices like WiFi cameras. None of these detections were associated with a known or named CVE, which is one of the troubling aspects of vulnerable IoT devices. In addition, unlike previous attacks, which focused on exploiting a single vulnerability, new IoT botnets such as Reaper and Hajime can target multiple vulnerabilities simultaneously. This multi-vector approach is much harder to combat. Reaperâs flexible framework means that, rather than the static, pre-programmed attacks of previous IoT exploits, Reaperâs code is easily updated to swarm faster by running new and more malicious attacks as they become available. Demonstrating its swarm abilities, exploit volume associated with Reaper exhibited a jump from 50K to 2.7 million over a few days before dropping back to normal. Several strains of ransomware topped the list of malware variants. Locky was the most widespread malware variant and GlobeImposter followed as the second. A new strain of Locky emerged, tricking recipients with spam before requesting a ransom. In addition, there was a shift on the darknet from only accepting Bitcoin for payment to other forms of digital currency such as Monero. Cryptomining malware increased, which seems to be intertwined with the changing price of Bitcoin. Cyber criminals recognize the growth in digital currencies and are using a trick called cryptojacking to mine cryptocurrencies on computers using CPU resources in the background without a user knowing. An uptick in exploit activity against industrial control systems (ICS) and safety instrumental systems (SIS) suggests these under-the-radar attacks might be climbing higher on attackersâ radar. Steganography is an attack that embeds malicious code in images. Itâs an attack vector that has not had much visibility over the past several years, but it appears to be on the resurgence. The threat data in this quarterâs report reinforces many of the predictions unveiled by the Fortinet FortiGuard Labs global research team for 2018, which predicted the rise of self-learning hivenets and swarmbots on the horizon.
Link: http://www.continuitycentral.com/index.php/news/technology/2696-threat-landscape-report-reveals-that-cyber-attacks-per-company-increased-by-82-percent-in-q4-2017