Thursday, April 6, 2017

Fortinet Threat Landscape Report Examines How Cybercriminals Are Building an Army of Things Creating a Tipping Point for Cybersecurity



Wazzup Pilipinas!


Research Reveals Constantly Changing and Sophisticated Avenues of Attack Targeting Evolving Technology Infrastructure Enabled by a Fast-growing Underground Cybercrime Economy

“The cybersecurity challenges facing organizations today are complex with a threat landscape that is rapidly evolving. Threats are intelligent, autonomous, and increasingly difficult to detect, with new ones emerging and old ones returning with enhanced capabilities. In addition, the accessibility of threat creation tools and services combined with the reward potential is driving the growth of the global cybercrime market into tens of billions of US dollars. To protect themselves, CISOs need to ensure that the data and security elements across all of their environments and devices are integrated, automated, and able to share intelligence, across an organization, from IoT to the cloud.” - Phil Quade, chief information security officer at Fortinet


News Summary


Fortinet® (NASDAQ: FTNT), the global leader in high-performance cybersecurity solutions, today announced the findings of its latest Global Threat Landscape Report. The research reveals the methods and strategies cybercriminals employed in detail and demonstrates the potential future impact to the digital economy. The question, “What’s my biggest threat?” remains difficult to pinpoint as old threats resurface, but new, automated and high-volume attacks arise. For a detailed view of the research visit our blog. Highlights follow:



Infrastructure Trends and How They Relate to Threats

· Considering infrastructure trends and how they relate to the threat landscape is important. Exploits, malware, and botnets do not happen in a vacuum and finding or preventing threats gets increasingly complicated as network infrastructure evolves.

· Data shows encrypted traffic using SSL stayed steady at about 50% and accounted for roughly half of overall web traffic traversing within an organization. HTTPS traffic usage is an important trend to monitor, because while it is good for privacy, it presents challenges to detecting threats that are able to hide in encrypted communications. Often SSL traffic goes uninspected because of the huge processing overhead required to open, inspect, and re-encrypt traffic, forcing teams to choose between protection and performance.

· In terms of total applications detected per organization, the number of cloud applications trended up at 63, which is roughly a third of all applications detected. This trend has significant implications for security since IT teams have less visibility into the data residing in cloud applications, how that data is being used, and who has access to it. Social media, streaming audio and video, and P2P applications did not trend up sharply.



An Army of Things Powered by the Digital Underground

· IoT devices are sought-after commodities for cybercriminals around the world. Adversaries are building their own armies of "things" and the ability to cheaply replicate attacks at incredible speed and scale is a core pillar of the modern cybercrime ecosystem.

· In Q4 2016, the industry was reeling from the Yahoo! data breach and Dyn DDoS attack. Before the quarter was halfway done, the records set by both events were not only broken, but doubled.

· Internet of Things (IoT) devices compromised by the Mirai botnet initiated multiple record-setting DDoS attacks. The release of Mirai’s source code increased botnet activity by 25 times within a week, with activity increasing by 125 times by year’s end.

· IoT-related exploit activity for several device categories showed scans for vulnerable home routers and printers topped the list, but DVRs/NVRs briefly eclipsed routers as the thing of choice with a massive jump spanning 6+ orders of magnitude.

· Mobile malware became a larger problem than before. Though it accounted for only 1.7 percent of the total malware volume, one in five organizations reporting malware encountered a mobile variant, nearly all of it on Android. Substantial regional differences were found in mobile malware attacks, with 36 percent coming from African organizations, 23 percent from Asia, 16 percent from North America, compared to only 8 percent in Europe. This data has implications for the trusted devices on corporate networks today.



Automated and High-Volume Attacks Are Prevalent

· The correlation between exploit volume and prevalence implies growing attack automation and lowering costs for malware and distribution tools available on the dark web. This is making it cheaper and easier than ever for cybercriminals to initiate attacks.

· SQL Slammer ranked at the top of the exploit detection list with a high or critical severity ranking, mainly affecting educational institutions.

· An exploit indicating attempted brute force attacks on Microsoft Remote Desktop Protocol (RDP) ranked second in prevalence. It launched RDP requests at a rate of 200 times every 10 seconds, explaining the high volume detected across global enterprises.

· Ranking third in prevalence is a signature tied to a Memory Corruption vulnerability in Windows File Manager that allows a remote attacker to execute arbitrary code within vulnerable applications with a jpg file.

· H-Worm and ZeroAccess had the highest prevalence and volume for botnet families. Both give cybercriminals control of affected systems to siphon data or perform click fraud and bitcoin mining. The technology and government sectors faced the highest numbers of attempted attacks by these two families of botnets.



Ransomware Isn’t Going Anywhere

· Ransomware warrants attention regardless of industry and this high-value attack method will likely continue with the growth of ransomware-as-a-service (RaaS), where potential criminals with no training or skills can simply download tools and point them at a victim.

· 36% of organizations detected botnet activity related to ransomware. TorrentLocker was the winner and Locky placed third.

· Two malware families, Nemucod and Agent, went on a crime spree. 81.4 percent of all malware samples captured belonged to just these two families. The Nemucod family is infamously affiliated with ransomware.

· Ransomware was present in all regions and sectors, but particularly widespread in healthcare institutions. This remains significant because when patient data is compromised the ramifications can be much more severe, as it has greater longevity and personal value than other types of data.



Daring Exploits, But Old is New


· Adversaries took a "leave no vuln behind" policy. Unfortunately, attention focused on security patches and flaws in old devices or software means less time and attention to focus on the growing attack surface accelerated by the digital devices of today.

· A full 86% of firms registered attacks attempting to exploit vulnerabilities that were over a decade old. Almost 40% of them saw exploits against even older CVEs.

· An average of 10.7 unique application exploits were tracked per organization. About 9 in 10 firms detected critical or high-severity exploits.

· Overall, Africa, Middle East, and Latin America exhibited a higher number and variety of encounters for each threat category when comparing the average number of unique exploit, malware, and botnet families detected by organizations in each world region. These differences appeared most pronounced for botnets.



Report Methodology

The Fortinet Global Threat Landscape report represents the collective intelligence of FortiGuard Labs during Q4 2016 with research data covering global, regional, sector, and organizational perspectives. It focuses on three central and complementary aspects of the threat landscape: application exploits, malicious software (malware) and botnets.



Additional Resources

· Learn more about the Fortinet Security Fabric.
· Read more details about the report on our blog and view the video or infographic.
· Access the full report online.
· Follow Fortinet on Twitter, LinkedIn and Facebook.

DOTr Welcomes Expanded UBE Express Makati Route


To further augment the public transport service at the four major airports of Manila, the Department of Transportation (DOTr) welcomes today the route expansion of UBE Express – an Airport Bus Service project – to include certain areas within the Makati Central Business District (MCBD).

“This route expansion of the UBE Express is a strategic addition especially for prospective patrons who may have intended business engagements or may desire to access the business district of Makati,” explains Assistant Secretary Cherie Mercado, DOTr Spokesperson.

The additional route includes stops at Glorietta 4 and 5 and surrounding hotels within Ayala Center Makati, to include: The Ascott, Dusit Thani, Holiday Inn and Suites, The Peninsula Manila, Shangri-la, New World, and Fairmont Makati. These express buses shall be picking up passengers daily from NAIA Terminals 1 to 4 and shall be passing through these identified drop-off points and back.

There will also be a new UBE Express hub operating soon from Park Square to help passengers easily access and connect with other available modes of public transportation.

"We institute ways of making mobility more inclusive and dignified by widening interconnectivity and providing more transportation alternatives available for everyone," Asec Mercado added.

UBE Express is partnering with Ayala Center Estate Association (ACEA) and the Ayala Malls for this route expansion plan which was launched today, 05 April 2017, at the Park Area of Glorietta 4. Along with this, the Ayala Malls also introduced "EasyRide", an ongoing project of the mall chain giant that will provide convenient access to various modes of public transportation to their mall-goers and shoppers.

“This partnership signals the willingness of the business community to help the administration form realistic solutions to address issues such as transport accessibility and terminal congestion in our airports. We welcome these positive efforts and wish for their further collaboration with us,” ASec Mercado ended.

UBE Express plans to expand the area of coverage in order to include other major areas in Metro Manila.

UBE Express is a project supported by the Department of Transportation (DOTr) and the Land Transportation Franchising and Regulatory Board (LTFRB), and is being operated by Airfreight2100.

Foundation for Media Alternatives to Launch Philippine Gender Report Card


Foundation for Media Alternatives (FMA) is set to launch a Gender Report Card that measures the Philippines’ progress in closing the digital gender gap on April 6, 2017 at the Oracle Hotel and Residences, Quezon City. The launch and forum is expected to be attended by around 50 participants from academe, government, women’s groups, community organizations, human rights organizations, and other civil society groups.

The Philippine Report Card was developed by FMA in collaboration with the World Wide Web Foundation and with support from UN Women and Swedish International Development Cooperation Agency. The overall country score is based on 14 indicators that were grouped into five main thematic categories, namely: internet access and women’s empowerment, relevant content and services, online safety, affordability, and digital skills and education. Scores for each indicator were given based on reliable empirical sources such as reports, surveys, and existing legislation.

Information and communication technologies (ICT) have transformed the way people communicate and relate with each other. ICTs have provided opportunities for women to express and assert their rights and identities, access important information that may contribute to their empowerment, and the development of the communities they belong in. However, as the Report Card scores demonstrate, a formidable gender gap in Internet access, digital skills and online rights remains to be closed.

In response to these scores, FMA, in consultation with other national stakeholders, has taken the lead in identifying concrete steps that the Philippine government can take to address the challenges identified. These steps form a 5-point action plan: integrate gender into the Philippines’ national ICT plan; improve internet affordability and speed; implement inclusive digital literacy programmes; conduct gender audits of government agency websites; and end online gender-based violence.

Apart from the Philippines, the Web Foundation and its partners prepared similar gender audits in nine other countries (Kenya, Uganda, Mozambique, Nigeria, Ghana, Egypt, Colombia, India, and Indonesia). The audits are designed to help the countries assess the steps that need to be taken to close the digital gender gap. In the future, FMA plans to use the Report Card to push for the agenda included in the action plan and influence meaningful policy change.