Separator

NTT GLOBAL THREAT INTELLIGENCE REPORT ATTACK VOLUMES UP AS CYBER CRIMINALS INNOVATE FASTER AND AUTOMATE ATTACKS

CEO Insights team | Wednesday 20 May, 2020
Separator
NTT GLOBAL THREAT INTELLIGENCE REPORT ATTACK VOLUMES UP AS CYBER CRIMINALS INNOVATE FASTER AND AUTOMATE ATTACKS

CEO Insights team, Press Release

NTT Ltd., a world-leading global technology services provider, today launched its 2020 Global Threat Intelligence Report (GTIR), which reveals that despite efforts by organizations to layer up their cyber defences, attackers are continuing to innovate faster than ever before and automate their attacks. Referencing the current COVID-19 pandemic, the report highlights the challenges that businesses face as cyber criminals look to gain from the global crisis and the importance of secure-by-design and cyber-resilience.

The attack data indicates that over half (55%) of all attacks in 2019 were a combination of web-application and application-specific attacks, up from 32% the year before, while 20% of attacks targeted CMS suites and more than 28% targeted technologies that support websites. For organizations that are relying more on their web presence during COVID-19, such as customer portals, retail sites, and supported web applications, they risk exposing themselves through systems and applications that cyber criminals are already targeting heavily.

Matthew Gyde, President and CEO of the Security division, NTT Ltd., says: “The current global crisis has shown us that cyber criminals will always take advantage of any situation and organizations must be ready for anything. We are already seeing an increased number of ransomware attacks on healthcare organizations and we expect this to get worse before it gets better. Now more than ever, it’s critical to pay attention to the security that enables your business; making sure you are cyber-resilient and maximizing the effectiveness of secure-by-design initiatives.”

Industry focus: Technology tops most attacked list
While attack volumes increased across all industries in the past year, the technology and government sectors were the most attacked globally. Technology became the most attacked industry for the first time, accounting for 25% of all attacks (up from 17%). Over half of attacks aimed at this sector were application-specific (31%) and DoS/DDoS (25%) attacks, as well as an increase in weaponization of IoT attacks. Government was in second position, driven largely by geo-political activity accounting for 16% of threat activity, and finance was third with 15% of all activity. Business and professional services (12%) and education (9%) completed the top five.

Mark Thomas who leads NTT Ltd.’s Global Threat intelligence Center, comments: “The technology sector experienced a 70% increase in overall attack volume. Weaponization of IoT attacks also contributed to this rise and, while no single botnet dominated activity, we saw significant volumes of both Mirai and IoTroop activity.

Now more than ever its critical to pay attention to the security that enables your business; making sure you are cyber-resilient and maximizing the effectiveness of secure-by-design initiatives


Attacks on government organizations nearly doubled, including big jumps in both reconnaissance activity and application-specific attacks, driven by threat actors taking advantage of the increase in online local and regional services delivered to citizens.”

2020 GTIR key highlights:
•Websites posing as ‘official’ source of COVID-19 information, but host exploit kits and/or malware – created at an incredible rate, sometimes exceeding 2000 new sites per day.
•Most common attack types accounted for 88% of all attacks: Application-specific (33%), web application (22%), reconnaissance (14%), DoS/DDoS (14%) and network manipulation (5%) attacks.
•Attackers are innovating: By leveraging artificial intelligence and machine learning and investing in automation. Some 21% of malware detected was in the form of a vulnerability scanner, which supports the premise that automation is a key focus point of attackers.
•Old vulnerabilities remain an active target: Attackers leveraged those that are several years old, but have not been patched by organizations, such as HeartBleed, which helped make OpenSSL the second most targeted software with 19% of attacks globally. A total of 258 new vulnerabilities were identified in Apache frameworks and software over the past two years, making Apache the third most targeted in 2019, accounting for over 15% of all attacks observed.
•DoS/DDoS attacks in APAC were higher than the global average, and about three times of the DoS/DDoS rate in EMEA, regularly appearing in the top five common attack types (Singapore #4 and Japan #5).
•Web-application and application-specific attacks dominated the region. They were the two most common attack types in Japan, and application-specific attacks were the most common attack types in Singapore and Hong Kong.

The 2020 GTIR also calls last year the ‘year of enforcement’ as the number of Governance, Risk and Compliance (GRC) initiatives continues to grow, creating a more challenging global regulatory landscape. Several acts and laws now influence how organizations handle data and privacy, including the General Data Protection Regulation (GDPR), which has set a high standard for the rest of the world, and The California Consumer Privacy Act (CCPA) which recently came into effect. The report goes on to provide several recommendations to help navigate compliance complexity, including identifying acceptable risk levels, building cyber-resilience capabilities and implementing solutions that are secure-by-design into an organization’s goals.
Source : Press Release
Read More:

Indian Govts corporate bailouts should involve (non voting) equity instead of debt Oxford Professor and Founder Master Masters Union

Mentice Launches Seventh Generation Platform Aimed to Transform Endovascular Therapy

In Print

CEOInsights TV




Most Viewed

From 'Volume' to 'Value': India Inc's Mantra to Capture the Global Pharmaceutical Market A Fight Back from Arabian Peninsula When will The Tech Industry’s Lay-off Season End? The Story of a Broken Trust Technology Key To Global Travel Recovery What To Keep In Mind When Selecting The Right Air Compressor For Replacement? The Best Way to Recover from Ransomware Attacks How Tensions Grew Worse between Elon Musk and Donald Trump New Markets, New Brands: Tailoring Success for Different Places Empowered Leadership in a Changing Legal World Four Key Steps For Healthcare Providers To Combat Ransomware Turning Vision into Value: How I Built Purposeful Digital Ecosystems in the UK Dave Thomas: A Role Model for Aspiring Entrepreneurs, Philanthropists Digital Analytics Products: How Organizations Choose Them Kelly Ortberg: The New Boeing CEO Who is Already on the Headlines India’s Military Alacrity for Modern Threats Reshma Saujani: Reshaping Social Attitudes Around Gender and Tech India is Manifesting Leadership in Drone Technology 5 Greatest Role Models in the Manufacturing Industry Creating a Stronger Ecosystem by Fixing the Nuts & Bolts of the Economy Microsoft for India: Making India for Future Ready India's UPI Launch in France Opens Gateway to Global Fintech Power Tim Cook Nears Retirement, Who Will Take Over Apple's Throne? Soil Based Microbial Fuel Cells Could Protect the Environment from Flammable Chemicals The mantra of Academic Collaboration Echoes on this Teachers’ Day Indian semiconductor Boom Has Abundant Room for SME-preneurs Indian Healthcare Ecosystem is Hosting a Multidimensional Paradigm Shift Being a True Republic: You Got to Love this New, Powerful India Qatar World Cup 2022 Might Be Over, But Arabian Peninsula’s Sports Dream is Just Beginning Reimagining the UK–India Partnership in a Changing Global Order These Schemes Will Facilitate Women Entrepreneurs Decarbonization & Sustainable Future: Technology & What it can Do?


🍪 Do you like Cookies?

We use cookies to ensure you get the best experience. Read more…