Destructive attacks spread at record pace
Poor cybersecurity hygiene and risky application use enables worm-like attacks at record speed in the Asia-Pacific, the latest Global Threat Landscape Report from Fortinet said.
In a statement, the report found that adversaries are spending less time developing ways to break in and are instead focusing on leveraging automated and intent-based tools to infiltrate systems.
“The technology innovation that powers our digital economy creates opportunity for good and bad in cybersecurity. Yet, some- thing we don’t talk about often enough is the opportunity everyone has to limit bad consequences by employing consistent and effective cybersecurity hygiene,” said Phil Quade, chief information security officer at Fortinet.
No sweat
“Cybercriminals aren’t breaking into systems using new zero day attacks. They are primarily exploiting already discovered vulnerabilities. This means they can spend more of their resources on technical innovations mak- ing their exploits difficult to detect,” he said.
He explained that newer worm-like capabilities spread infections at a rapid pace and can scale more easily across platforms or vectors. Intent-based security approaches that leverage the power of automation and integration “are critical to combat this new normal.”
Crime as a service
Threats like WannaCry were remarkable for how fast they spread and for their ability to target a wide range of industries. Yet, they could have been largely prevented if more organizations practiced consistent cyber hygiene, the report stated. Adversaries are still seeing a lot of success in using hot exploits for their attacks that have not been patched or updated.
To complicate matters more, once a particular threat is automated, attackers are no longer limited to targeting specific industries, therefore, their impact and leverage only increases over time.
Ransomworms on the rise
Both WannaCry and NotPetya targeted a vulnerability that only had a patch available for a couple of months. Organizations who were spared from these attacks tended to have one of two things in common. They had either deployed security tools that had been updated to detect attacks targeting this vulnerability, and/ or they applied the patch when it became available.
Prior to WannaCry and NotPetya, network worms had taken a hiatus over the last decade. /