A research by technology services provider NTT Ltd. revealed that threat actors are developing sophisticated hacking tools and increasingly automating their attacks. The research, “2020 Global Threat Intelligence Report,” highlighted the challenges that organizations face and the importance of secure-by-design and cyber-resilience.
The research found that attackers are trying to financially gain from the COVID-19 pandemic crisis. It is revealed that malicious websites posing as official information sources of COVID-19 exceeded 2,000 new sites per day.
According to the report, organizations that rely more on web presence like customer portals, retail sites, and supported web applications are exposed to higher risks. Nearly 55% of all attacks in 2019 were a combination of web-application and application-specific attacks which wasup from 32% in 2018. Around 20% of attacks targeted CMS suites and more than 28% targeted technologies that support websites.
IT Industry- The Most Targeted Sector
The research findings also stated that the technology sector is the most attacked, accounting for 25% of all attacks. Over half of attacks targeted at the technology sector were application-specific (31%) and DoS/DDoS (25%) attacks, as well as an increase in weaponization of IoT attacks. The government sector is in the second position, driven largely by geo-political activity accounting for 16% of cyberthreats. Finance was third with 15% of all threat activity, threats on business and professional services accounted for 12% at fourth position, and education sector at fifth position with 9% of attacks.
Other Key Findings Include:
- DoS/DDoS attacks in APAC region were higher than the global average, and about three times of the DoS/DDoS rate in EMEA, regularly appearing in the top five common attack types (Singapore #4 and Japan #5)
- Web-application and application-specific attacks dominated the region. They were the two most common attack types in Japan, and application-specific attacks were the most common attack types in Singapore and Hong Kong
- Attackers are innovating by leveraging artificial intelligence and machine learning and investing in automation. Some 21% of malware detected was in the form of a vulnerability scanner, which supports the premise that automation is a key focus point of attackers
- Attackers leveraged old vulnerabilities that have not been patched by organizations, such as HeartBleed, which helped make OpenSSL the second most targeted software with 19% of attacks globally. A total of 258 new vulnerabilities were identified in Apache frameworks and software over the past two years, making Apache the third most targeted in 2019, accounting for over 15% of all attacks observed
Matthew Gyde, President and CEO of the Security division, NTT Ltd., said, “The current global crisis has shown us that cybercriminals will always take advantage of any situation and organizations must be ready for anything. We are already seeing an increased number of ransomware attacks on healthcare organizations and we expect this to get worse before it gets better. Now more than ever, it’s critical to pay attention to the security that enables your business; making sure you are cyber-resilient and maximizing the effectiveness of secure-by-design initiatives.”