Automated defenses are critical to mitigate cyber attacks

Fortinet, the global leader in high-performance cybersecurity solutions, today announced the findings of its latest Global Threat Landscape Report.The data spans the cybersecurity kill chain focusing on three central aspects of the landscape, including application exploits, malicious software, and botnets against the backdrop of important enterprise technology and industry sector trends. The research reveals that while more high profile attacks have dominated the headlines, the reality is that the majority of threats faced by most organizations are opportunistic in nature fueled by a pervasive Crime-as-a-Service infrastructure.

“In the past year, highly-publicized cybersecurity incidents have raised public awareness of how our TVs & phones can be manipulated to deny others’ Internet availability, and have shown, that demanding ransom is being used to disrupt vital patient care services. Yet, awareness alone isn’t enough. Unfortunately, as organizations increasingly adopt convenience and cost-savings IT techniques, such as cloud services, or add a variety of smart devices to their network, visibility and control of their security is at risk. Meanwhile, attackers are buying or re-using tools of their own. Cybersecurity strategies need to increasingly adopt trustworthy network segmentation and high degrees of automation to prevent and detect adversaries’ efforts to target the newly-exposed flanks of our businesses and governments,” explained Phil Quade, Chief Information Security Officer, Fortinet.

Three important research highlights are:

  • Attack tools never forget and are always ready for service, anywhere and anytime: Modern tools and Crime-as-a-Service infrastructures enable adversaries to operate on a global scale at light speed. As a result, the Internet seems not interested in geographic distances or boundaries because most threat trends appear more global than regional. Adversaries are always on the attack, looking for the element of surprise whenever possible on an international scale.
  • Hyperconvergence and IoT are accelerating the spread of malware: As networks and users increasingly share information and resources, attacks are spreading rapidly across distributed geographic areas and a wide variety of industries. Studying malware can help provide views into the preparation and intrusion stages of these attacks. Although protecting against mobile malware is particularly challenging because devices are not shielded on the internal network, are frequently joining public networks, and often are not under corporate ownership or control.
  • Visibility of distributed and elastic infrastructure is diminishing: Threat trends reflect the environment in which they occur, therefore, understanding how information technologies, services, controls, and behaviors change over time is important. It can act as a window into broader security policies and governance models and is valuable to monitoring the evolution of exploits, malware, and botnets as networks become increasingly complex and distributed.