Fortinet Uncovers Most Prevalent Undetected Cyber Threats Traversing Enterprise Networks
"Businesses are constantly under cyber attack. With the attack surface dramatically increased and a mature attackers ecosystem, companies have to be ever more vigilant across all their IT assets.
News Summary:
-
Fortinet CTAP issues its first end-user report with data collected from hundreds of
U.S. Fortinet users and prospective customers across industries over a few months' time span; analyzed millions of incidents to gain unmatched insight into the largest, unknown security threats traversing their networks. - Results indicate that enterprises of every size and vertical continue to face a constant and consistently hostile threat landscape, with more than 32.14 million attempted attacks on these networks.
- Top threat types include malware, botnets and application exploits with 357,420 attempts to compromise networks within the top 10 application vulnerabilities alone, and 71 different malware and botnet variants detected across the networks.
- Key verticals analyzed include healthcare, financial services, education and technology companies, with banking being targeted by nearly 45% of all malicious activity, followed by education, which experienced 27.4% of all attack events.
Global Program Uncovers Unknown Risks, Provides Immediate Mitigation Strategies
The data highlighted in
-
Automated Attack Systems, Botnets and Malware take Center Stage
- With 32.14 million attempted attack events in a 4-month span, it's evident that attackers rapidly build automated systems and tools to probe networks for exploitable vulnerabilities.
- Headline-generating Malware such as Conficker, Nemucod and ZeroAccess have made significant efforts to rebuild and infect machines, as the financial incentives for these owners are massive. With 5,230 instances of Conficker, followed by 4,220 instances of Nemucod and 3,210 instances of ZeroAccess traversing these networks, it's evident that this threat type will only continue to grow.
- In just the top 10 incidents analyzed, 357,420 attempts were made to exploit application vulnerabilities, as hackers continue to cast a wide net to try and compromise corporate data.
-
Social Media, Video Streaming and Advertising Drain Corporate Networks
- Social media and multimedia streaming activities account for 25.65% of all network traffic, exposing corporate systems and sensitive data to risks of infection from drive-by downloads, social engineering and malvertising. Facebook is the most dominant social media site representing 47.27% of all social media traffic, with
YouTube contributing to 42.29% of streamed content. - Advertising content accounts for 19.1% of network traffic and has been shown to be a potential source of malware as third party advertising networks are subverted or tricked into delivering malicious ads.
- Application control appears to be a continual challenge for administrators. A significant amount of Peer-to-Peer traffic, primarily Bittorrent and gaming activity opens the network to malicious content that piggybacks on top of applications and files downloaded through these popular sites. Enterprises should exercise caution when building application control policies on their networks.
- Social media and multimedia streaming activities account for 25.65% of all network traffic, exposing corporate systems and sensitive data to risks of infection from drive-by downloads, social engineering and malvertising. Facebook is the most dominant social media site representing 47.27% of all social media traffic, with
-
Financial Services,
Education and Healthcare Rank Most Vulnerable Industries - Due to the lucrative financial data obtained when these networks are successfully infiltrated, banking and finance organizations are disproportionately targeted with 44.6% of all malicious activity. Hackers rely on high-velocity attacks and target financial institutions with sophisticated trojans and land-and-expand attack strategies to infiltrate and persist within the network.
- Education organizations represent 27.4% of all attack events in this report and are the second largest at-risk vertical industry. Botnets are the dominant threat for educational institutions, with 7 out of top 10 infections, while XcodeGhost, the widely publicized iOS malware breaks into the top 10 vulnerabilities list in education.
- Healthcare ranked third in overall malicious activity with 10.6% of attack events. The healthcare industry is unique in the appearance of automated exploit kits, notably targeting numerous vulnerabilities in Flash, Silverlight and Internet Explorer to compromise a system via a drive-by-download or infected website.
Takeaways and Actionable Insights to Protect Your Network
Attackers are targeting companies of every size in the hopes of gaining access to the valuable assets inside the corporate network. Vertical industries need to know what hackers are after and understand the unique strategies they employ.
- Banking and Finance organizations should bolster their networks against land-and-expand strategies and the predominant use of trojans. Deploying security platforms like
Fortinet's Advanced Threat Protection framework can combat sophisticated new variants of malware at the network edge, while implementing internal network segmentation can help contain insider threats and minimize risks to the most valuable data. - Education security professionals should be mindful of the various devices that can access their network resources, utilizing threat intelligence like FortiGuard Mobile Malware services to detect threats that target student smartphones and tablets as vectors for an attack.
- Healthcare industry protections closely mirror those of banking organizations. Understanding that hackers may be looking to encrypt their data and hold the information hostage, instead of silently exporting data to sell on the dark web makes it even more imperative for healthcare to consider internal segmentation strategies to contain threats.
- Technology businesses are varied and hackers respond with diverse strategies and malware to cast the largest net. Security professionals in these organizations need to understand their devices, applications and platforms that connect to the web using analysis tools like FortiAnalyzer. Understanding their network utilization will help businesses tailor a security posture that matches their individual attack surface.
Supporting Quote
"As attacks against corporate data resources become increasingly pervasive, TierPoint is committed to providing a clear line of defense to secure our customers. As such, it's critical that we know exactly what is going on inside their networks.
-
Additional Resources
- Report: 2016 CTAP Threat Landscape Report
- Whitepaper: Cyber Threat Assessment - Threat Landscape Report Executive Summary
- Infographic: A Look Behind the Firewall
- Follow
Fortinet on Twitter and LinkedIn - Join the conversation on the
Fortinet blog
About
Copyright © 2016 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and unregistered trademarks of
Media Contact
408-235-7700
Email contact
Investor Contact
Michelle Spolver
408-486-7837
Email contact
Analyst Contact
Ron Davis
415-806-9892
Email contact
Source:
News Provided by Acquire Media