Cyber attacks to spread infection at record pace among APAC organizations

Daily Mirror (Sri Lanka) - ICT

Fortinet, the global leader in high-performance cybersecurity solutions, announced the findings of its latest Global Threat Landscape Report recently.

The research reveals that globally, as well as in Asia Pacific, poor cybersecurity hygiene and risky application usage enable destructive worm-like attacks to take advantage of hot exploits at record speed. Adversaries are spending less time developing ways to break in, and instead are focusing on leveraging automated and intent-based tools to infiltrate with more impact to business continuity.

Commenting on this, Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet, said, “The technology innovation that powers our digital economy creates opportunity for good and bad in cybersecurity. Yet, something we don’t talk about often enough is the opportunity everyone has to limit bad consequences by employing consistent and effective cybersecurity hygiene. Cybercriminals aren’t breaking into systems using new zero day attacks, they are primarily exploiting already discovered vulnerabilities. This means they can spend more of their resources on technical innovations making their exploits difficult to detect. Newer worm-like capabilities spread infections at a rapid pace and can scale more easily across platforms or vectors. Intent-based security approaches that leverage the power of automation and integration are critical to combat this new ‘normal’.”

Crime-as-a-service infrastructure and autonomous attack tools enable adversaries to easily operate on a global scale. Threats like WannaCry were remarkable for how fast they spread and for their ability to target a wide range of industries. Yet, they could have been largely prevented if more organizations practiced consistent cyber hygiene. Unfortunately, adversaries are still seeing a lot of success in using hot exploits for their attacks that have not been patched or updated. To complicate matters more, once a particular threat is automated, attackers are no longer limited to targeting specific industries; therefore, their impact and leverage only increase over time.

Both WannaCry and NotPetya targeted a vulnerability that only had a patch available for a couple of months. Organizations that were spared from these attacks tended to have one of two things in common. They had either deployed security tools that had been updated to detect attacks targeting this vulnerability, and/or they applied the patch when it became available. Prior to WannaCry and NotPetya, network worms had taken a hiatus over the last decade.

More than two-thirds of firms experienced high or critical exploits in Q2 2017. Ninety percent of organizations recorded exploits for vulnerabilities that were three or more years old. Even 10 or more years after a flaw’s release, 60 percent of firms still experienced related attacks. Q2 data overall quantified 184 billion total exploit detections, 62 million malware detections, and 2.9 billion botnet communications attempts.

during downtime: Automated threats do not take weekends or nights off. Nearly 44 percent of all exploit attempts occurred on either Saturday or Sunday. The average daily volume on weekends was twice that of weekdays. to many defensive tools that have poor visibility into encrypted communications.

Risky applications create risk vectors, which open the door for threats. Organizations allowing a large amount of peer-to-peer (P2P) applications report seven times as many botnets and malware as those that don’t allow P2P applications. Similarly, organizations allowing a lot of proxy applications report almost nine times as many botnets and malware as those that don’t allow proxy applications. Surprisingly, there was no evidence that higher usage of cloud-based or social media applications leads to increased numbers of malware and botnet infections.

Sector analysis: The education sector led in nearly every measure of infrastructure and application usage when grouped by element type and industry. The energy sector exhibited the most conservative approach with all others falling in between.

Almost one in five organizations reported malware targeting mobile devices. IoT devices continue to present a challenge because they don’t have the level of control, visibility, and protection that traditional systems receive.

Data shows the second straight record high this quarter for encrypted communications on the web. The percentage of HTTPS traffic increased over HTTP to 57 percent. This continues to be an important trend because threats are known to use encrypted communications for cover.
