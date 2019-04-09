|By Business Wire
|
Article Rating:
|April 9, 2019 09:19 AM EDT
NTT Security, the specialized security company, has launched its 2019 Global Threat Intelligence Report (GTIR) which reveals finance as the most attacked sector for six of the past seven years, accounting for 17% of all attacks. The technology sector joined finance this year with 17% of the attacks. Education and government are both new entries in the list of global top five industries – rising from 4% to 11% and 5% to 9% respectively – with coin mining campaigns largely to blame for the increased attacks in educational environments.
NTT Security summarizes data from trillions of logs and billions of attacks for the 2019 GTIR, which analyzes threat trends based on log, event, attack, incident and vulnerability data from NTT Group operating companies. In the new report, NTT Security continues its analysis of attacks against 18 industry sectors and shares its observations of the challenges faced by organizations globally.
The GTIR also reveals how coin mining is leading the evolution of malware and how cyber attackers are increasingly adapting their attack patterns and intrusion sets to include coin mining in their toolkits. Illicit coin mining accounted for a significant amount of activity during the past year, with the technology and education sectors making up over 86% of all coin mining detections. The most active coin miners detected were XMRig (62%) – commonly used by Rocke, 8220 Mining Group and Tor2Mine – followed by CoinHive (24%) and Coin Miner (13%).
In the GTIR, credential theft and web-application attacks were found to be among the most prevalent activities during the past year. The most common technical attack used to commit credential theft was phishing (67%) with attackers targeting credentials for Microsoft (45%), Google (27%), PayPal (15%) and DocuSign (10%) in an attempt to gather usernames and passwords.
Globally, organizations experienced an average of 32% of all attacks as web attacks, a number which has crept up slightly from 29% in 2017. Finance became the most targeted industry, accounting for 46% of web attacks, reinforcing its vulnerability to these types of cyberattacks.
John South of the Threat Intelligence Communication Team, Global Threat Intelligence Center at NTT Security, says: “Finance is yet again on the top spot when it comes to targeted attacks, which surely is enough evidence to convince the board that cybersecurity is a must-have investment. Many financial organizations are moving forward with digital transformation but without prioritizing security as a core business requirement. While legacy methods and tools are still effective at providing a solid foundation for mitigation, new attack methods are continually being developed by malicious actors. Security leaders should ensure basic controls remain a primary focus but they must also embrace innovative solutions if they provide a good fit and true value.”
Mr. Fumitaka Takeuchi, Security Evangelist, Vice President, Managed Security Service Taskforce, Corporate Planning at NTT Communications, says: “Many organizations are caught up in simply buying solutions to problems that either don’t really exist, or a solution which costs more than the potential loss being prevented. Our advice for organizations, regardless of the industry they operate in, is to leverage existing relationships with trusted experts and to keep an eye on professional and managed service maturity in the cybersecurity space. First and foremost, it is essential to know where the real risks lie and then develop solutions accordingly.”
Matthew Gyde, Group Executive – Cybersecurity at Dimension Data, says: “This year’s GTIR clearly demonstrates that cybersecurity attacks are constantly evolving. While attack volumes don’t always increase, new threats are certainly being introduced. In fact, 2018 set a record for the number of new vulnerabilities identified and reported in a single year. NTT Group has spent the last 15 years working with our clients to help them defend against the evolving threat landscape which is increasingly complex. Understanding the threat environment helps our clients predict and mitigate potential threats in the digital world.”
“The threat report indicates the variety of attacks is not as broad as it would seem, while the United States and China are also often identified as the most common attack sources,” said Mike Barch, VP of Security Services, NTT DATA Services. “As frequently attacked industries, such as health care and financial services, safeguard their businesses from sophisticated cybercriminals, leaders must ensure a completely secure infrastructure, from endpoint to core, that allows them to focus on daily operations.”
Summary of other key global findings:
- Finance is one of just two industries (alongside the technology sector) to appear in the top five in every geographic region (Americas, Asia-Pacific and EMEA as well as globally)
- Like finance, the technology industry accounts for 17% of all attacks (albeit both of which saw a drop from 26% and 19% last year respectively). It is followed by business and professional services (12%), education (11%) and government (9%)
- The technology sector accounted for 46% of all coin mining detections followed by education (40%), health care (9%), business and professional services (2%), and finance (1%) sectors to round out the top five industries impacted
- Coin mining ran on systems in which the malicious application was using as a host (75%), as opposed to JavaScript (web-based) coin mining (25%). Education was the most observed sector for coin mining malware, at 52%, followed by technology (46%)
- 73% of all hostile activity falls into four categories: web attacks, reconnaissance, service-specific attacks, and brute-force attacks – up from 52% the previous year
- Application-specific and web-application attacks doubled over the past year. Attacks targeting bash, Apache Struts and Samba accounted for 54% of all hostile activity
- Web attacks accounted for 32% of all hostile traffic – rising to over 53% of hostile activity against the most attacked industries in EMEA
- 35% of all attacks originated from IP addresses within the United States and China. The remaining attack sources varied across regions, with EMEA and APAC each showing a significant amount of attacks from within their own region
To learn more about the how this year’s GTIR offers organizations a robust framework to address today’s cyber threat landscape, follow the link to download the NTT Security 2019 GTIR: https://www.nttsecurity.com/2019GTIR.
About NTT Security
NTT Security is the specialized security company and the center of excellence in security for NTT Group. With embedded security, we enable NTT Group companies (Dimension Data, NTT Communications and NTT DATA) to deliver resilient business solutions for clients’ digital transformation needs. NTT Security has multiple SOCs, seven R&D centers, over 1,500 security experts and handles hundreds of thousands of security incidents annually across six continents.
NTT Security ensures that resources are used effectively by delivering the right mix of Managed Security Services, Security Consulting Services and Security Technology for NTT Group companies – making best use of local resources and leveraging our global capabilities. NTT Security is part of the NTT Group (Nippon Telegraph and Telephone Corporation), one of the largest ICT companies in the world. Visit nttsecurity.com to learn more about NTT Security or visit www.ntt.co.jp/index_e.html.
Methodology for the Global Threat Intelligence Report (GTIR)
The NTT Security 2019 Global Threat Intelligence Report contains global attack data gathered from NTT Security and supported operating companies from October 1, 2017, to September 30, 2018. The analysis is based on log, event, attack, incident and vulnerability data from clients. It also includes details from NTT Security research sources, including global honeypots and sandboxes located in over 100 countries in environments independent from institutional infrastructures. Leveraging the indicator, campaign and adversary analysis from our Global Threat Intelligence Platform has played a significant role in tying activities to actors and campaigns.
NTT Security summarizes data from trillions of logs and billions of attacks for the 2019 GTIR. NTT Security gathers security log, alert, event and attack information, enriches it to provide context, and analyzes the contextualized data. This process enables real-time global threat intelligence and alerting. The size and diversity of our client base, with over 10,000 security clients on six continents, provides NTT Security with security information which is representative of the threats encountered by most organizations.
The data is derived from worldwide log events identifying attacks based on types or quantities of events. The use of validated attack events, as opposed to the raw volume of log data or network traffic, more accurately represents actual attack counts. Without proper categorization of attack events, the disproportionately large volume of network reconnaissance traffic, false positives, authorized security scanning and large floods of DDoS monitored by Security Operations Centers (SOCs), would obscure the actual incidence of attacks.
The inclusion of data from the 10 SOCs and seven research and development centers of NTT Security provides a highly accurate representation of the ever-evolving global threat landscape.
View source version on businesswire.com: https://www.businesswire.com/news/home/20190409005614/en/
The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to companies expanding to Japan. With the support of JETRO's dedicated staff, clients can incorporate their business; receive visa, immigration, and HR support; find dedicated office space; identify local government subsidies; get tailored market studies; and more.
Apr. 9, 2019 11:15 AM EDT
SUSE is a German-based, multinational, open-source software company that develops and sells Linux products to business customers. Founded in 1992, it was the first company to market Linux for the enterprise. Founded in 1992, SUSE is the world's first provider of an Enterprise Linux distribution.
Apr. 9, 2019 11:00 AM EDT
When you're operating multiple services in production, building out forensics tools such as monitoring and observability becomes essential. Unfortunately, it is a real challenge balancing priorities between building new features and tools to help pinpoint root causes. Linkerd provides many of the tools you need to tame the chaos of operating microservices in a cloud native world. Because Linkerd is a transparent proxy that runs alongside your application, there are no code changes required. I...
Apr. 9, 2019 11:00 AM EDT
Druva is the global leader in Cloud Data Protection and Management, delivering the industry's first data management-as-a-service solution that aggregates data from endpoints, servers and cloud applications and leverages the public cloud to offer a single pane of glass to enable data protection, governance and intelligence-dramatically increasing the availability and visibility of business critical information, while reducing the risk, cost and complexity of managing and protecting it. Druva's...
Apr. 9, 2019 11:00 AM EDT
CloudEXPO has been the M&A capital for Cloud companies for more than a decade with memorable acquisition news stories which came out of CloudEXPO expo floor. DevOpsSUMMIT New York faculty member Greg Bledsoe shared his views on IBM's Red Hat acquisition live from NASDAQ floor. Acquisition news was announced during CloudEXPO New York which took place November 12-13, 2019 in New York City. Our Silicon Valley 2019 schedule will showcase 200 keynotes, sessions, general sessions, power panels, and...
Apr. 9, 2019 11:00 AM EDT
ScaleMP is the leader in virtualization for in-memory high-end computing, providing higher performance and lower total cost of ownership as compared with traditional shared-memory systems. The company's innovative Versatile SMP (vSMP) architecture aggregates multiple x86 systems into a single virtual x86 system, delivering an industry-standard, high-end shared-memory computer. Using software to replace custom hardware and components, ScaleMP offers a new, revolutionary computing paradigm. vSMP F...
Apr. 9, 2019 11:00 AM EDT
Pragmasoft is a team of highly experienced developers, testers and UX designers. They are passionate about bringing innovation and advancement right to your doorsteps. This is their profession and they simply love driving Agility. They are proud to utilize Agile and accelerate their customers level of innovation. Their mission is to translate the needs of customers to adaptive technology and software solutions by providing lean software development.
Apr. 9, 2019 11:00 AM EDT
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embr...
Apr. 9, 2019 11:00 AM EDT
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
Apr. 9, 2019 11:00 AM EDT
Your applications have evolved, your computing needs are changing, and your servers have become more and more dense. But your data center hasn't changed so you can't get the benefits of cheaper, better, smaller, faster... until now. Colovore is Silicon Valley's premier provider of high-density colocation solutions that are a perfect fit for companies operating modern, high-performance hardware. No other Bay Area colo provider can match our density, operating efficiency, and ease of scalability.
Apr. 9, 2019 11:00 AM EDT
Intel is an American multinational corporation and technology company headquartered in Santa Clara, California, in the Silicon Valley. It is the world's second largest and second highest valued semiconductor chip maker based on revenue after being overtaken by Samsung, and is the inventor of the x86 series of microprocessors, the processors found in most personal computers (PCs). Intel supplies processors for computer system manufacturers such as Apple, Lenovo, HP, and Dell. Intel also manufactu...
Apr. 9, 2019 10:45 AM EDT
The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete at launch. DevOps may be disruptive, but it is essential. DevOpsSUMMIT at CloudEXPO expands the DevOps community, enable a wide sharing of knowledge, and educate delegates and technology providers alike.
Apr. 9, 2019 10:15 AM EDT
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Apr. 9, 2019 10:15 AM EDT
While more companies are now leveraging the cloud to increase their level of data protection and management, there are still many wondering “why?” The answer: the cloud actually brings substantial advancements to the data protection and management table that simply aren’t possible without it. The easiest advantage to envision? Unlimited scalability. If a data protection tool is properly designed, the capacity should automatically expand to meet any customer’s needs. The second advantage: the ...
Apr. 9, 2019 10:15 AM EDT
Cloud-Native thinking and Serverless Computing are now the norm in financial services, manufacturing, telco, healthcare, transportation, energy, media, entertainment, retail and other consumer industries, as well as the public sector. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that pro...
Apr. 9, 2019 10:00 AM EDT