Story image

Fortinet: Cybercrime ditches regional targets & goes for global 'element of surprise'

13 Jun 2017

The cybersecurity kill chain may have been dominated by high-profile headline attacks over recent months but there is a deeper trend that is more pervasive and dangerous that's putting cyber safety to the test.

Fortinet released the findings from its latest Global Threat Landscape Report, which found that a Crime-as-a-Service structure is infiltrating the dark web, resulting in more opportunistic attacks.

“In the past year, highly-publicised cybersecurity incidents have raised public awareness of how our TVs & phones can be manipulated to deny others’ Internet availability, and have shown, that demanding ransom is being used to disrupt vital patient care services. Yet, awareness alone isn’t enough," comments Jon McGettigan, Fortinet's senior director, APAC and the Pacific Islands.

The Crime-as-a-service (CaaS) market is not so much interested in geographic distances or boundaries because most attacks are on a global scale. According to the report, attackers are always looking for 'the element of surprise'.

The report says the WannaCry outbreak is a case in point of how the ransomware and its variants attacked the world at once. However, the report found that less than 10% of organisations detected ransomware activity. 1.2% dealt with ransomware botnets in any given day in their organisation.

System vulnerabilities and exploit trends were a major concern for organisations. 80% had reported critical or high-severity exploits in their systems. Exploits mainly targeted vulnerabilities in the last five years, but older CVEs have also been targeted.

Fortinet says there are automated tools that can scan the internet for 'opportunistic openings', which means exploit distribution was varied across regions.

The spread of IoT and hyperconvergence has also contributed to a steady stream of mobile malware. 20% of organisations detected mobile malware, and more Android malware families rounded out the top 10 list in Q1.

"Unfortunately, as organisations increasingly adopt convenience and cost-savings IT techniques, such as cloud services, or add a variety of smart devices to their network, visibility and control of their security is at risk. Meanwhile, attackers are buying or re-using tools of their own," McGettigan says.

While HTTPS traffic is outpacing HTTP traffic, Fortinet says that it makes it harder to conduct efficient threat monitoring. This is because traffic is encrypted, which could hide threats of its own.

The number of applications in each organisation averages 62. IaaS applications were most popular. However Fortinet warns that data visibility can drop significantly when it moves to cloud. Fortinet suggests this trend is problematic.

"Cybersecurity strategies need to increasingly adopt trustworthy network segmentation and high degrees of automation to prevent and detect adversaries’ efforts to target the newly-exposed flanks of our businesses and governments," McGettigan concludes.

Opinion: How SD-WAN changes the game for 5G networks
5G/SD-WAN mobile edge computing and network slicing will enable and drive innovative NFV services, according to Kelly Ahuja, CEO, Versa Networks
TYAN unveils new inference-optimised GPU platforms with NVIDIA T4 accelerators
“TYAN servers with NVIDIA T4 GPUs are designed to excel at all accelerated workloads, including machine learning, deep learning, and virtual desktops.”
AMD delivers data center grunt for Google's new game streaming platform
'By combining our gaming DNA and data center technology leadership with a long-standing commitment to open platforms, AMD provides unique technologies and expertise to enable world-class cloud gaming experiences."
Inspur announces AI edge computing server with NVIDIA GPUs
“The dynamic nature and rapid expansion of AI workloads require an adaptive and optimised set of hardware, software and services for developers to utilise as they build their own solutions."
Norwegian aluminium manufacturer hit hard by LockerGoga ransomware attack
“IT systems in most business areas are impacted and Hydro is switching to manual operations as far as possible.”
HPE launches 'right mix' hybrid cloud assessment tool
HPE has launched an ‘industry-first assessment software’ to help businesses work out the right mix of hybrid cloud for their needs.
ADLINK and Charles announce multi-access pole-mounted edge AI solution
The new solution is a compact low profile pole or wall mountable unit based on an integration of ADLINK’s latest AI Edge Server MECS-7210 and Charles’ SC102 Micro Edge Enclosure. 
How Dell EMC and NVIDIA aim to simplify the AI data centre
Businesses are realising they need AI at scale, and so enterprise IT teams are increasingly inserting themselves into their company’s AI agenda.