Wednesday, January 30, 2019

An Approach for Securing Advanced Threats for Your Customers - Fortinet Certifications


Threat Trends Capitalize on Poor Visibility and Control


Based on threat data taken from millions of Fortinet devices across the world, the latest Global Threat Landscape Report for Q3 indicates that cyberthreats not only continue to target network vulnerabilities, but also seek to exploit the poor visibility and control resulting from the expansion of networks into the cloud and the rapid adoption of mobility and IoT. This quarterly report serves as an analysis of the current threat landscape facing organizations and their network security, while aiming to help network security teams identify key trends and shifts across the threat landscape.

With this in mind, one of the predominant themes we documented in Q3 is the evolving threats and strategies cybercriminals are using to capitalize on current network vulnerabilities. Most notably, many of these vulnerabilities are being introduced as organizations of all sizes continue their digital transformation initiatives.

As customers continue to widen the scope of their network infrastructures with a range of IoT, mobile and cloud-based solutions, the resulting decrease in visibility and control of those solutions opens threat vectors for cybercriminals to leverage.

There are several important threat trends partners need to remain aware of:

  • Evolution of cryptojacking: Cryptojacking, or the process of leeching CPU resources from machines and devices, has long been recognized as a threat to organizations thanks to its ability to drastically slow system efficiency and leech processing power. And now, with new platforms available to advanced attackers, as well as “as-a-service” cryptojacking malware available for purchase on the dark web, the ability to launch large-scale, complex attacks is no longer limited to skilled cybercriminals. What’s more, these new crypto attacks have the potential to disable existing security solutions as well as open additional communications ports on existing firewalls. This means that not only is cryptojacking a serious problem on its own, but it can serve as a gateway through which bad actors are able to install new malware. Considering that the frequency of cryptojacking attacks jumped 38 percent in 2018, underestimating the impact of this cyberthreat can prove especially detrimental to organizations.
  • Mobile Malware: Mobile devices are posing a significantly larger threat to network security than ever before. Mobile malware variants attacked more than 25 percent of organizations in Q3 as a result of BYOD policies and unsegmented guest networks. What’s even more surprising, however, is that mobile made up 14 percent of all malware attacks this quarter. Considering the speed at which a mobile device can enter and connect to a network, organizations that cannot properly identify and control these devices are at a substantially high risk.
  • IoT Botnets: During Q3, IoT botnet infections rose a steady but anemic 2 percent. However, the period of time these bots were able to stay connected to the network increased by a staggering 34 percent from Q2, averaging 10.2 infection days per firm in Q3. This indicates that the sophistication of botnets is on the rise, that cyber hygiene within organizations is on the decline, or both. In either case, if left unchecked these devices have the potential to spread malware laterally across networks and between devices, becoming a threat vector that can be leveraged to gain access to networks. What’s more, the ability of these devices to lie dormant, only returning when business operations resume, means that to effectively mitigate IoT botnets the source device needs to be found and removed.
  • Shift Toward Swarm-as-a-Service: A notable shift in the evolution of cyberthreats is that of swarm-based intelligence technology. With emerging capabilities like the AutoSploit toolkit, which provides cybercriminals with the means to automate remote host exploitation, the threat landscape is shifting that much closer toward the possibility of swarm-based botnets. With à la carte IoT botnets like Hajime and Reaper already making headlines for their intelligent, automated attack capabilities, the market for as-a-service attack options using advanced attack capabilities is growing. We’re seeing the attack needle shift toward collaborative, intelligent botnets that cybercriminals can “set and forget.”


A Learn, Segment, Protect Approach to Advanced Threats


As the attack capabilities of cybercriminals continue to evolve, customers need to rearchitect their network infrastructures into a fabric-based strategy that can unify and integrate threat analysis and security processes. From there, customers must adopt a learn, segment and protect approach to their security efforts, one that identifies and inventories devices gaining access to their networks and automates the controls and security solutions that track devices and enforce policy across the network.

  • Learn: To secure their networks, customers need to not only see every device connected to the network, but also understand their capabilities, limitations and network access. Moreover, they need to also understand the relationship between these devices and the network ecosystem. To this end, it’s crucial that customers leverage automated threat analysis across an integrated security fabric – allowing them to automatically discover and classify devices found within their networks.
  • Segment: Once customers are able to see the devices within their networks, they can effectively begin to control them, including limiting the extent and impact of their vulnerabilities. The most effective approach is to dynamically separate them from other resources through network segmentation. Dynamic segmentation allows IT professionals to authenticate devices that belong within the network and then restrict their access to specific segments of the network infrastructure. Moreover, such segmentation also helps them contain and mitigate the damage caused by modern, automated threats.
  • Protect: Armed with a comprehensive view into the network ecosystem, your customers then need the ability to monitor, inspect, and enforce access policies based on activity across their network infrastructure. To do this, each network segment must be woven into an integrated security fabric that can centralize threat analysis and deploy security functions across the network ecosystem.

As customers continue to further their digital transformations, cybercriminals have been quick to shift their capabilities and strategies to take advantage of emerging gaps in device visibility and control. This past quarter we documented advanced attack capabilities and trends designed to capitalize on poor device security. Knowing this, customers must update their network architectures to adopt a learn, segment and protect approach to their device security.




1 comment:

  1. I would say that a Fortinet NSE 4 - FortiOS 6.0 Certification is highly respected in the field of Information Technology (IT). It seems not easy to get Network Security Professional Certified but with KillerDumps NSE4_FGT-6.0 Exam BrainDumps, it is guaranteed that you can achieve your desired results on Fortinet NSE4_FGT-6.0 Exam in first attempt. I would suggest KillerDumps NSE4_FGT-6.0 exam preparation material, because KillerDumps NSE4_FGT-6.0 Exam Dumps are so simple and detailed and I passed my Fortinet NSE 4 - FortiOS 6.0 NSE4_FGT-6.0 exam in first attempt. Enhance your skills by doing Network Security Professional Certification to improve your competency.
