Indiscriminately Strike Organizations of All Sizes
HOUSTON (BUSINESS WIRE) Alert Logic,
the leading provider of Security-as-a-Service solutions, today released its latest cybersecurity analysis, “Critical
Watch Report: The State of Threat Detection 2018,” which shows cyber
attackers are gaining vastly greater scale through new techniques such
as killchain compression and attack automation, expanding the range of
organizations under constant attack regardless of industry or size.


To prepare the cybersecurity analysis, Alert Logic Security Operations and
Threat Intelligence team members analyzed data from more than 1.2 billion anomalies, 7.2 million
security events, and 250,000 verified security incidents across the
Alert Logic customer base of more than 4,100 organizations over a
14-month period between 2017 and 2018.
Among the notable findings in the report is the end of the traditional
killchain [1], with 88 percent of killchain attacks now gaining
efficiency and speed by combining what was formerly the first five
phases―“recon,” “weaponization,” “delivery,” “exploitation” and
“installation”―into a single action. In the traditional killchain model,
organizations focused on stopping cyber threats at the earlier phases;
however, the new killchain creates near-instantaneous cyber attacks that
make many established security practices ineffective.
The report also exposes evidence that attackers have greatly expanded
their use of automation to launch random and recursive attacks that are
changing the way organizations have to assess risk. These automated
“spray and pray” attacks roll through a set of IP addresses at massive
scale, seeking vulnerabilities, and immediately execute further
automation to exploit them. Because these highly automated attacks hit
small-, medium- and enterprise-sized organizations indiscriminately and
at a similar rate, industry and size are no longer reliable predictors
of threat risk.
Another key finding is that cryptojacking
is now rampant, with many attacks featuring this as their primary
motivation. In the data analyzed, for example, it was observed that 88
percent of recent WebLogic attacks were cryptojacking attempts. The
report also found that web application attacks remain the most frequent
and dominant type of attack, with SQL injection attempts comprising 43
percent of all attacks observed.
“It’s no secret that attackers push the envelope and innovate attacks to
abuse weaknesses anywhere they find them―in cloud and hybrid
deployments, containerized environments, and on-premises systems,” said
Rohit Dhamankar, Vice President of Threat Intelligence Products at Alert
Logic. “What is troublesome is the use of force-multipliers like
automation to scale attacks for increased financial gain. This report
demonstrates that attackers are gaining increasing sophistication in
their ability to weaponize trusted techniques to exploit common
vulnerabilities and misconfigurations for purposes such as cryptomining.”
The report also establishes the prevalence of attack vectors by industry
for government & education, financial services & insurance, health
services, information technology & services, media communications &
entertainment, not-for-profit organizations, production/manufacturing &
logistics, and retail & hospitality.
In addition to the research findings, the report provides best practices
for remediation and cyber hygiene, as well as recommendations on how to
improve visibility and address staffing shortages, to help organizations
improve their security posture.
“While attackers continue to innovate with improved agility, speed and
covertness, defenders also have opportunities to evolve the way they
approach their security processes, procedures, and technologies. With
our deep understanding of new and enhanced attack methods, Alert Logic
can be a trusted partner in helping them,” said Dhamankar.
To download a free copy of the full report, Critical Watch Report: The
State of Threat Detection 2018, visit here.
About Alert Logic
Alert Logic delivers better cybersecurity
for everyone, regardless of their company’s size or technology
environment. Our proactive threat management platform, always-current
threat intelligence, and 24×7, customer-obsessed analyst services
protect organizations cost-effectively and with fast time-to-value. More
than 4,000 organizations trust their security to Alert Logic every day
so they can focus on what matters most―running their business. Founded
in 2002, Alert Logic is headquartered in Houston, Texas, with offices in
Austin, Seattle, Dallas, Cardiff, Belfast, London and Cali, Colombia.
For more information, please visit www.alertlogic.com.
[1] Developed by Lockheed Martin, the Cyber Kill Chain
identifies what actions adversaries must complete in order to achieve their objective.
Contacts
For Alert Logic Inquiries:
W2 Communications
Christine
703-877-8114
Public Relations
Christine@w2comm.com