sb-au logo
Story image

Cryptojacking and failure to patch still major threats - Ixia

16 Apr 2019

Keysight has announced the third annual Security Report from Ixia, its cybersecurity and visibility business. 

The 2019 report analyses the biggest security findings over the past year from Ixia’s Application and Threat Intelligence (ATI) Research Center resulting from historic unpatched vulnerabilities, along with growing network and application complexity.

Key findings from the 2019 Security Report include:

  • Humans are the weakest link: In 2018, Ixia detected 662,618 phishing pages in the wild, and 8,546,295 pages hosting or infected by malware – so a successful attack requires only a single errant click on an email or link. A well-crafted and timed phishing attempt can encourage even savvy users to click on compromised links.  Successful defence depends on a combination of proactive user education, blocking phishing attacks and malware that cross the network edge, and detecting and blocking lateral movement in a network.
     
  • Cryptojacking activity continues to grow: This threat reached new peaks in 2018, with hackers combining multiple classic attacks to deliver nearly autonomous malware. Ixia honeypots captured several new exploits that run an EternalBlue scan, and when successful, deposit a cryptominer on the network.
     
  • Software security flaws caused the majority of product vulnerabilities: Ixia observed more new devices joining networks than ever before, but also more devices designed and deployed without proper measures to stop or even limit threats. Well-understood SQL injections and cross-site scripting vulnerabilities were used by bad actors to target web applications. Code sharing posed a risk despite efforts by the open source community to standardise controls and measures in web development.
     
  • Security vulnerability disclosures are a double-edged sword: Both hackers and vendors benefit when vulnerabilities are announced, particularly zero-day exploits. Mirai, Drupalgeddon and the D-Link DSL-2750B remote code execution vulnerability are examples where hackers were able to move faster than vendors and IT teams.
     
  • Cyber hygiene is at an all-time low: IT vendors created code or configurations that led to many successful security breaches in 2018, but IT operations and security personnel also shared the blame. Well-known attacks and attack vectors remained successful because security personnel did not address vulnerabilities and apply patches. This was successful primarily due to two factors: ignorance of the latest patches and challenges in deploying patches in a timely manner.

“Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018. Misconfigured security and access policies also were a major source of data breaches in 2018,” says Keysight Technologies Ixia application and threat intelligence senior director Steve McGregory.

“Network and application complexity pose serious security threats and create new vulnerabilities every day. Hackers continue to leverage the complexity as well as existing vulnerabilities and misconfigurations to their advantage.

“It has never been more important for organisations to take a proactive approach to identify and mitigate such flaws as thoroughly as possible.” 

Security Watchlist for 2019

Based upon Ixia-collected data and historical activity, the Ixia ATI team predicts the following six trends will pose the biggest threat to enterprises over the coming 18 months:  

  • Abuse of low-value endpoints will escalate
  • Brute-force attacks on public-facing systems and resources will increase
  • Cloud architectures create complexity that increases attack surfaces
  • Phishing will continue to evolve
  • Multiphase attacks that use lateral movement and internal traffic will increase
  • Cryptomining/ cryptojacking attacks will increase
Link image
VR a leading factor in edge computing, says Gartner
Edge architectures and technologies, including VR, will be an essential component of innovative products and services.More
Story image
Kaspersky finds red tape biggest barrier against cybersecurity initiatives
The most common obstacles that inhibit or delay the implementation of industrial cybersecurity projects include the inability to stop production (34%), and bureaucratic steps, such as a lengthy approval process (31%) and having too many decision-makers (23%). More
Story image
Malware and email scams targeting employees spread rapidly in Q2
"Businesses must stay alert and should employ defense-in-depth tactics and equip themselves with multilayered security mechanisms, including high-sensor spam filters and a VPN connection, which would prevent malicious pages from opening."More
Story image
Fortinet SOARs to new heights of protection on the wings of AI & automation
Jon McGettigan, Fortinet A/NZ Regional Director, talks about SOAR (security orchestration, automation and response) and explains that effective SOAR starts with your security policy.More
Link image
How reckless email behaviour can almost sink a company
Cyber attackers become smarter and more efficient every day. Protect yourself from the perfect storm with this new invaluable resource.More
Story image
APAC organisations struggle to find balance between digital adoption and cybersecurity
Organisations in the Asia Pacific (APAC) region are significantly concerned about security threats, but nevertheless are looking to advance operations through digital adoption.More