GoDubai
  
  
  
  
Citylife > Press Release
  Home Contact us Add to Favourites
Most Recent Postings
More Press Releses
Featured Sections

Event Finder
A daily roundup of exhibitions, promotions and other events in Dubai and the rest of the Emirates.
Submit an Event
Latest Dubai Press Releases >> Technology

 
  Share

Cybercriminals Are Exploiting Known Vulnerabilities and Maximizing Impact With a Hybrid Threat Known as Ransomworms

Dubai, UAE, September 4, 2017: Fortinet® (NASDAQ: FTNT), the global leader in high-performance cybersecurity solutions, today announced the findings of its latest Global Threat Landscape Report. The research reveals that poor cybersecurity hygiene and risky application usage enables destructive worm-like attacks to take advantage of hot exploits at record speed. Adversaries are spending less time developing ways to break in, and instead are focusing on leveraging automated and intent-based tools to infiltrate with more impact to business continuity.

“The technology innovation that powers our digital economy creates opportunity for good and bad in cybersecurity. Yet, something we don't talk about often enough is the opportunity everyone has to limit bad consequences by employing consistent and effective cybersecurity hygiene,” said Phil Quade, chief information security officer, Fortinet. “Cybercriminals aren't breaking into systems using new zero day attacks, they are primarily exploiting already discovered vulnerabilities. This means they can spend more of their resources on technical innovations making their exploits difficult to detect. Newer worm-like capabilities spread infections at a rapid pace and can scale more easily across platforms or vectors. Intent-based security approaches that leverage the power of automation and integration are critical to combat this new ‘normal'.”

Effective Cyber Hygiene is Critical to Fight Worm-like Attacks

Crime-as-a-Service infrastructure and autonomous attack tools enable adversaries to easily operate on a global scale. Threats like WannaCry were remarkable for how fast they spread and for their ability to target a wide range of industries. Yet, they could have been largely prevented if more organizations practiced consistent cyber hygiene. Unfortunately, adversaries are still seeing a lot of success in using hot exploits for their attacks that have not been patched or updated. To complicate matters more, once a particular threat is automated, attackers are no longer limited to targeting specific industries, therefore, their impact and leverage only increases over time.

Ransomworms on the Rise: Both WannaCry and NotPetya targeted a vulnerability that only had a patch available for a couple of months. Organizations who were spared from these attacks tended to have one of two things in common. They had either deployed security tools that had been updated to detect attacks targeting this vulnerability, and/or they applied the patch when it became available. Prior to WannaCry and NotPetya, network worms had taken a hiatus over the last decade.


Critical-severity of Attacks: More than two-thirds of firms experienced high or critical exploits in Q2 2017. 90% of organizations recorded exploits for vulnerabilities that were three or more years old. Even ten or more years after a flaw's release, 60% of firms still experienced related attacks. Q2 data overall quantified 184 billion total exploit detections, 62 million malware detections, and 2.9 billion botnet communications attempts.

Active During Downtime: Automated threats do not take weekends or nights off. Nearly 44% of all exploit attempts occurred on either Saturday or Sunday. The average daily volume on weekends was twice that of weekdays.

Technology Use Foreshadows Threat Risk

Speed and efficiency are business critical in the digital economy, which means that there is zero tolerance for any device or system downtime. As usage and configuration of technology such as applications, networks, and devices evolves, so do the exploit, malware, and botnet tactics of cybercriminals. Cybercriminals are ready and able to exploit weakness or opportunities in these new technologies or services. In particular, business-questionable software usage and the vulnerable IoT devices of hyperconnected networks represent potential risk because they are not being consistently managed, updated, or replaced. In addition, while good for Internet privacy and security, encrypted Web traffic also presents a challenge to many defensive tools that have poor visibility into encrypted communications.

Application Usage: Risky applications create risk vectors, which open the door for threats. Organizations allowing a large amount of peer-to-peer (p2p) applications report seven times as many botnets and malware as those that don't allow p2p applications. Similarly, organizations allowing a lot of proxy applications report almost nine times as many botnets and malware as those that don't allow proxy apps. Surprisingly, there was no evidence that higher usage of cloud-based or social media applications leads to increased numbers of malware and botnet infections.

Sector Analysis: The education sector led in nearly every measure of infrastructure and application usage when grouped by element type and industry. The energy sector exhibited the most conservative approach with all others falling in between.

IoT Devices: Almost one in five organizations reported malware targeting mobile devices. IoT devices continue to present a challenge because they don't have the level of control, visibility, and protection that traditional systems receive.

Encrypted Web Traffic: Data shows the second straight record high this quarter for encrypted communications on the web. The percentage of HTTPS traffic increased over HTTP to 57%. This continues to be an important trend because threats are known to use encrypted communications for cover.

Report Methodology
The Fortinet Global Threat Landscape report is a quarterly view that represents the collective intelligence of FortiGuard Labs drawn from Fortinet's vast array of network devices and sensors within production environments during Q2 2017.  Research data covers global, regional, industry sector, and organizational perspectives. It also focuses on three central and complementary aspects of the threat landscape: application exploits, malicious software, and botnets. In addition, Fortinet publishes a free, subscription-based Threat Intelligence Brief that reviews the top malware, virus, and web-based threats discovered every week, along with links to that week's most valuable Fortinet research.

 



Posted by : GoDubai Editorial Team
Viewed 4575 times
Posted on : Monday, September 4, 2017  
Replication or redistribution in whole or in part is expressly prohibited without the prior written consent of GoDubai.com.
Previous Story : Western Digital® Breaks Boundaries with World's Highest-Capacity microSD™ Card
Next Story : Red Hat and Microsoft Simplify Containers to Help Enterprises Accelerate to the Hybrid Cloud
Email this article Print this article

Share this article with your friends and followers
NewsVine

Comments

Back to Top  
Most Viewed Press Release posted in the last 7 days
Sacoor Brothers launches FIRST ever Fragrance “GENTLEMAN”
Trend Alert! Summer Can Never Be a Forgotten Memory With kate spade
Caudalie The Des Vignes
Get Your Summer Glow From Within
Palmer's Coconut Oil Formula for Body and Hair
Corum Presents La Grande Vie
Caudalie and Al Jalila Foundation Join Hands for the Launch of ‘Glamour for Good'
Express Your Signature Style
The Memovox Adventure
Tissot Lepine It's making a comeback Vintage
LG launches new AI-powered premium LG G7 ThinQ+ flagship for GCC consumers
The Rado HyperChrome Skeleton Automatic Chronograph Limited Edition
Manero Peripheral (43 Mm) Classic Watchmaking Meets State -of-the - Art Technology
New short indie movie ‘The Peril' is a wake-up call to parents about internet sa...
Dubai Parks and Resorts and GEMS Education launch the second annual Summer Camp
The Lacoste Family Capbreton Collection
OMEGA's second "Speedy Tuesday" sells in 01:53.17
Ferrari takes the “Red Dot: Best of the Best” design award for the fourth year r...
Sandooq Al Watan and DarkMatter Launch Second Phase of "Emirati Coder"
Olivia Burton Watercolour Florals
Ulysse Nardin Salutes Us Navy With Limited Edition Executive Skeleton Tourbillon
Beat the heat with mini dresses
Director of Dubai Customs discusses fostering business with South Korean Consul ...
Tridom, Ras Al Khaimah's first indoor adventure park, opens its doors in Manar Mall
Cerruti 1881 Infinite Love
UAE's Emirates Transport Chooses Oracle Cloud to Drive Rapid Expansion and Deliv...
World-first as the F1® Innovation Prize prepares to transform fan's winning tech...
Open Dairies by Parmigiano Reggiano Consortium: A gastronomical event for touris...
Enjoy an all-day breakfast at Sophie's Café
Airbus unveils winners of its ‘Entaliq in KSA' initiative
DHL Express drives energy efficient solutions with new electric vehicles in Dubai
Outstanding Guide programme launched by Sharjah Museums Authority
Shopping assistance for Arabic-speaking passengers in the summer months
Abu Dhabi Airports Celebrates Success at CIPS Middle East Supply Management Awards
Dubai Creek Harbour Project Celebrates 5 Million Man Hours with Zero Lost Time A...
Launch of PINAR Water - Turkey
2XL launches luxurious Louna sofa set in velvet
Dubai Business Women Council witnesses 28.3% growth in total membership during f...
Sighting Immediate Hiring of UAE Nationals, Union Coop Organizes Exclusive Recru...
New hope for patients as world's first and only approved therapy to treat two ty...
Emirates makes history with one-off A380 touchdown in Islamabad
‘Green' retailers to continue to gain traction with consumers
Cromia Offers Amazing Discounts during DSS
Dubai Cares honors philanthropist Sunny Varkey for fulfilling his AED 100 millio...
DALBY and its 50 years of experience in hydraulic hooklifts will be present at t...
HP Collaborates with Abu Dhabi's Danat Al Emarat Hospital to Re-invent Patients'...
Etihad Airways Launches Dedicated in-flight Guest Medical Services
Finnair launches off-airport baggage collection and check-in service in London w...
Innovative Chronofighter Superlight Carbon is replete with Graham's formidable m...
Martin on a Mission as He Claims Sixth Spot for UAE Team Emirates in Stage Five ...