GoDubai
  
  
  
  
Citylife > Press Release
  Home Contact us Add to Favourites
Most Recent Postings
More Press Releses
Featured Sections

Event Finder
A daily roundup of exhibitions, promotions and other events in Dubai and the rest of the Emirates.
Submit an Event
Latest Dubai Press Releases >> Technology

 
  Share

High Rates of Botnet Reoccurrence and Automated Malware Demonstrate Importance of Intelligent and Automated Security Controls Combined with Incident-response Strategies

Dubai, UAE.– December 4, 2017; Fortinet® (NASDAQ: FTNT), the global leader in high-performance cybersecurity solutions, today announced the findings of its latest Global Threat Landscape Report. The research reveals that high botnet reoccurrence rates and an increase of automated malware demonstrate that cybercriminals are leveraging common exploits combined with automated attack methods at unprecedented speed and scale. For a detailed view of the findings and some important takeaways for CISOs read our blog.

“Whether it's WannaCry in May or Apache Struts in September, long-known and yet still-unpatched vulnerabilities serve as the gateway for attacks time and time again.” said Phil Quade, chief information security officer, Fortinet. “Remaining vigilant of new threats and vulnerabilities in the wild is critical, but organizations also need to keep sight of what is happening within their own environment. There is an incredible urgency to prioritize security hygiene and embrace fabric-based security approaches that leverage automation, integration, and strategic segmentation. Our adversaries are adopting automated and scripted techniques, so we need to raise their price of attacking to combat today's new normal.”

Highly Automated Attacks and Swarm Technology Becoming the Norm

Keeping up with swarm attacks, botnet reoccurrences, or the latest ransomware attack is daunting for the most strategic or staffed security team. If caught off guard, any organization can fall victim to the enormous amount of attacks at play today. To facilitate learning from what is happening in the wild, the intelligence included in the latest report offers views of the cyberthreat landscape from many perspectives. It focuses on three central and complementary aspects of that landscape, namely application exploits, malicious software, and botnets. It also examines important zero-day vulnerabilities and infrastructure trends of the corresponding attack surface to add context about the trajectory of cyberattacks affecting organizations over time.

Severity of Attacks Creates Urgency: 79% of firms saw severe attacks in Q3 2017. Research data overall during the quarter quantified 5,973 unique exploit detections, 14,904 unique malware variants from 2,646 different malware families, and 245 unique botnets detected. In addition, Fortinet identified 185 zero-day vulnerabilities to date this year.

Botnet Reoccurrence: Many organizations experienced the same botnet infections multiple times. This is an alarming data point. Either the organizations did not thoroughly understand the total scope of the breach and the botnet went dormant only to return again after business operations went back to normal, or the root cause was never found and the organization was re-infected with the same malware.

Swarming Vulnerabilities: The exact application exploit used by attackers to breach Equifax was the most prevalent with 6,000+ unique detections recorded last quarter, and it is once again the most prevalent this quarter. In fact, three exploits against the Apache Struts framework made the top 10 list of most prevalent. This is an example of how attackers swarm when they catch scent of widespread, vulnerable targets.

Mobile Threats: One in four firms detected mobile malware. Four mobile malware specific families stood out for the first time because of their prevalence. This is an indication that mobile is increasingly becoming a target and that the threats themselves are becoming automated and polymorphic. With holiday shopping season in full swing this trend is concerning as purchases from mobile devices will be frequent and IoT devices will be popular gifts to be purchased.

Pervasive and Evasive Malware: The most common functionality among top malware families was downloading, uploading, and dropping malware onto infected systems. This behavior helps slip malicious payloads through legacy defenses by wrapping them in dynamic packaging. In addition, malware strains that establish remote access connections, capture user input, and gather system information were common as well. These advanced techniques are becoming the norm recently and both data points demonstrate the increased intelligent and automated nature of malware today.

Ransomware is Always There: After a hiatus during the first half of the year, the Locky ransomware ramped up in a big way with three new campaigns. Roughly 10% of firms reported it. In addition, at least 22% of organizations detected some type of ransomware during the quarter.

Cybercriminals Target All Sizes: Midsize firms saw higher rates of botnet infections, demonstrating that they deal with more than their fair share of security problems. Cybercriminals potentially view midsize organizations as a “sweet spot” because often they do not have the same level of security resources and technologies as large enterprises but are seen as having valuable data assets. At the same time, the attack surface for midsize firms is growing at a fast pace because of their cloud adoption rates.

SCADA is Critical: In addition to high-volume attacks like those against Apache Struts, some threats fly below the radar or have severe consequences that spillover beyond the organization in which they occur. Among the exploits tracked that target various types of supervisory control and data access (SCADA) systems, only one crossed the 1/1,000 threshold of prevalence and none were observed by more than 1% of reporting firms. Unfortunately, enterprise network intrusions and outages are bad, but breaches into SCADA environments put the physical infrastructure on which many lives depend at risk, demonstrating the importance of this statistic.

Fight Automated Attacks with Actionable Intelligence and Automated Security

The findings this quarter reinforce many of the predictions unveiled recently by the Fortinet FortiGuard Labs global research team for 2018. Both the trends and the threat data potentially foreshadow a wave of new types of attacks coming in the near future. The cybercrime community is already adept at leveraging advances in automation to create attacks exploiting vulnerabilities with increasingly malicious payloads capable of spreading at speed and scale.

Only a security framework that utilizes advanced threat intelligence sharing and an open architecture to tie security and networking components into a single, automated, and proactive defense and response system can protect for the future. The ever-evolving attack surface requires the flexibility to quickly implement the latest security strategies and solutions with the ability to seamlessly add advanced techniques and technologies as they emerge, without throwing out the existing infrastructure.

As the volume, velocity, and automation of attacks increase, it becomes important to align patching prioritization to what is happening in the wild to focus better on the most critical. In addition, organizations need to ensure that a strategic threat detection and incident-response strategy is in place that complements technology and intelligence to speed up the process.

Report Methodology
The Fortinet Global Threat Landscape report is a quarterly view that represents the collective intelligence of FortiGuard Labs drawn from Fortinet's vast array of sensors during Q3 2017. Research data covers global, regional, industry sector, and organizational perspectives. To complement the report, Fortinet publishes a free, subscription-based Threat Intelligence Brief that reviews the top malware, virus, and web-based threats discovered every week, along with links to that week's most valuable Fortinet research.



Posted by : GoDubai Editorial Team
Viewed 1128 times
Posted on : Monday, December 4, 2017  
Replication or redistribution in whole or in part is expressly prohibited without the prior written consent of GoDubai.com.
Previous Story : Huawei Joins 5G-MoNArch Consortium to Lead Design of Architecture based on Network Slicing
Next Story : RIPE NCC Joins Arab Internet & Telecom Union as Observing Member
Email this article Print this article

Share this article with your friends and followers
NewsVine

Comments

Back to Top  
Most Viewed Press Release posted in the last 7 days
Reverse the effects of hair fall with Crescina Re-Growth HFSC Shampoo
Achieve whiter teeth at home with Spotlight Teeth White Strips
Golden Bridge Rectangle Diamonds Celebrates The Virtuosity Of Art Deco Design Genius
Noble™ Anti-aging Skin Care Products
Skyline Conducted Women of Substance: A Panel Discussion on Women Empowerment
UAE National Day celebrated in Skyline Carnival 2017
SUC signed MOU with Waldorf Astoria Ras Al Khaimah
SUC conducted Tour Guide Training Program for SCTDA
Calvin Klein Presents Steadfast Collection
Time for Some AIGNER Love
Mohammed bin Rashid Launches UAE Astronaut Programme
Mido's Multifort Escape - An uncompromising timepiece for exploring new horizons
RUNWAY DUBAI creates a new buzz campaign for fashion tourism
Gift gorgeous skin this festive season.
NIVEA MEN and Real Madrid Extend Partnership Globally Covering 70+ Countries
Sthan, bringing you authentic Frontier food from beyond borders, is now open in Dubai
Eberhard & Co. celebrates 130th Anniversary with special commemorative Edition C...
Coach Women's Lex Stainless Steel Bracelet Watch Collection
‘Artistry' - Branded Jewellery show at Malabar Gold & Diamonds' outlet in Meena ...
Together for Egyptian Cinema: A Million happy viewers
Celebrate the Festive Season With the Galleria on Al Maryah Island in Abu Dhabi
BOSS watches presents Navigator Collection
Absolutely Rejuvenated Skin to Start the New Year
Feast your way into the festive season at The Coffee Club
Bovet Presents Brilliant Is Beautiful Gala Benefitting Artists for Peace and Ju...
Dubai Land Department Launches its Smart Archiving System
Svelte BU4108-11H dress watch in black and rose gold plating makes an impact
Hottest Smartphone ever! Go get a true luxury phone from HUAWEI
Gourmet Gifting at Tub of Butter
Robinsons National Day Trunk Show
Over 200 developers across India participate in CREDAI's Indian Property Show
Lg V30+ Launches in the Uae and Makes Its Way Into Customers' Pockets and Lives
The First “Dilmah Silver Jubilee Gourmet” in a Middle East Hotel Opens in Pullma...
Unilever's Lipton Jebel Ali Tea Factory First in MENA to Achieve Bronze World Cl...
Ghantoot present 17th Emirates Open Polo Championship International
More Than 6,000 Bears Donated to Toys With Wings & Emirates Red Crescent for Nov...
Epson to showcases the future of large laser display technology at InfoComm MEA 2017
Dubai Customs reaffirms efforts to combat counterfeit goods with Japanese partners
Awqaf and Minors Affairs Foundation, Family Village Celebrate 46th UAE National Day
Automechanika Riyadh turns focus on exciting growth potential of Saudi automotiv...
The Verses of Peace Exhibition begins at the Abu Dhabi World Trade Centre
Glamazle.com names a Lipstick after Yardstick Marketing as a testimonial to the ...
Step into 2018 with skinade & slow down the signs of ageing
Green Hope on Former US Vice President Al Gore's 24 Hours of Climate Reality telecast
Saxo Bank 2018 Outrageous Predictions: 2018 will be a true roller coaster ride c...
The du Youth Council Holds a Volunteering Day at Al Ain Zoo with People of Deter...
Indian realty in revival mode, says industry expert
Strong Airline Profitability Continues in 2018
Cybercriminals Switching to Impersonation Attacks to Bypass Email Security Systems
Phumzile: UN Women uses rigorous methods to monitor and evaluate its programmes