During 2014, 76% of identified vulnerabilities throughout all
systems in the enterprise were more than 2 years old, and almost 9% of
them were over 10 years old
When vulnerabilities of medium risk in the Common Vulnerability Scoring System (CVSS) of 4.0 or higher are considered this highlights that even widespread scares such as Heartbleed and Shellshock have little long term effect on corporate risk management process and companies are still not effective at shedding their legacy vulnerabilities
Across the world, an astounding 56% of attacks against the NTT global client base originated from IP addresses within the United States
However, this is not due to the attackers being within the United States, but rather represents threat actors leveraging cheap cloud or vulnerable infrastructure within the US as an intermediary. This benefited the attacker by often being closer to their target and from more trusted geolocation.
Of the vulnerabilities discovered across enterprises worldwide, 17 of the top 20 exposed vulnerabilities resided within user systems and not on servers
This risk represents a return to some of the roots of information security. The users and their wide range of mobile laptops are once again representing a return of risk that has largely been only lightly addressed by many organizations.
Threats against the end user are higher than ever, attacks show a clear and continuing shift towards success in compromising the end point
During every week of 2014, there was a measureable drop in detected attacks on weekends and holidays when workers were not in the office. On weekends and holidays, the workers are not in the office and end-user systems are either turned off, or not being used. This major drop in weekend attacks demonstrates that organizational controls are detecting security events related to end users.
DDoS attacks changed in nature with a massive shift towards amplification attacks using UDP protocols and this accounted for 63% of all DDoS attacks observed by NTT Group
NTP, SSDP and DNS were used in the vast majority of all DDoS attacks. Many of these attacks come from subverting exposed services in consumer based services (such as home Internet routers) to create DDOS traffic.
Attacks against Business & Professional Services increased from 9% to 15%
The attacks increased by more than 50% year on year and are the result of the risks inherited through business-to-business relationships. The likely implication is that this sector is generally softer, but high value targets for attackers.
When vulnerabilities of medium risk in the Common Vulnerability Scoring System (CVSS) of 4.0 or higher are considered this highlights that even widespread scares such as Heartbleed and Shellshock have little long term effect on corporate risk management process and companies are still not effective at shedding their legacy vulnerabilities
Across the world, an astounding 56% of attacks against the NTT global client base originated from IP addresses within the United States
However, this is not due to the attackers being within the United States, but rather represents threat actors leveraging cheap cloud or vulnerable infrastructure within the US as an intermediary. This benefited the attacker by often being closer to their target and from more trusted geolocation.
Of the vulnerabilities discovered across enterprises worldwide, 17 of the top 20 exposed vulnerabilities resided within user systems and not on servers
This risk represents a return to some of the roots of information security. The users and their wide range of mobile laptops are once again representing a return of risk that has largely been only lightly addressed by many organizations.
Threats against the end user are higher than ever, attacks show a clear and continuing shift towards success in compromising the end point
During every week of 2014, there was a measureable drop in detected attacks on weekends and holidays when workers were not in the office. On weekends and holidays, the workers are not in the office and end-user systems are either turned off, or not being used. This major drop in weekend attacks demonstrates that organizational controls are detecting security events related to end users.
DDoS attacks changed in nature with a massive shift towards amplification attacks using UDP protocols and this accounted for 63% of all DDoS attacks observed by NTT Group
NTP, SSDP and DNS were used in the vast majority of all DDoS attacks. Many of these attacks come from subverting exposed services in consumer based services (such as home Internet routers) to create DDOS traffic.
Attacks against Business & Professional Services increased from 9% to 15%
The attacks increased by more than 50% year on year and are the result of the risks inherited through business-to-business relationships. The likely implication is that this sector is generally softer, but high value targets for attackers.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.