FEATURE
Refining malware for success: Expanding on these approaches, cybercriminals are also refining malware to evade detection and deliver increasingly sophisticated and malicious attacks, such as the evolution of the Emotet malware. This is a troubling development for organisations as cybercriminals increasingly use malware to drop other payloads on infected systems to maximise their opportunities for financial gain. Recently, attackers have begun using Emotet as a payload delivery mechanism for ransomware, information stealers and banking trojans including TrickBot, IcedID and Zeus Panda. In addition, by hijacking email threads from trusted sources and inserting malware into those email threads, attackers are significantly increasing the likelihood that those malicious attachments will be opened.
Maximising opportunity with older vulnerabilities and botnets: Targeting older, vulnerable systems that have not been properly secured is still an effective attack strategy. FortiGuard Labs discovered that cybercriminals target vulnerabilities 12 or more years old more often than they target new attacks. And in fact, they target vulnerabilities from every subsequent year since then at the same rate as they do current vulnerabilities.

Similarly, this trend of maximising existing opportunity also extends to botnets. More so than any other type of threat, the top botnets also tend to carry over from quarter to quarter and region to region globally with little change. This suggests the control infrastructure is more permanent than particular tools or capabilities and that cybercriminals not only follow new opportunities, but like legitimate businesses, also leverage existing infrastructure whenever possible to increase efficiency and reduce overhead.

Protecting for the unexpected: Broad, integrated and automated security

The expanding attack surface and shifting attack strategies of cybercriminals mean organisations cannot afford to over-focus on a narrow set of threat trends. It is essential that organisations adopt a holistic approach to securing their distributed and networked environments. This requires the deployment of a security fabric that is broad, integrated and automated. This approach will enable organisations to reduce and manage the expanding attack surface through broad visibility across integrated devices, stop advanced threats through AI-driven breach prevention and reduce complexity through automated operations and orchestration.

In addition, threat intelligence that is dynamic, proactive and available in real-time plays a crucial role in identifying trends by following the evolution of attack methods targeting the digital attack surface and then pinpointing cyberhygiene priorities.

Derek Manky, Chief, Security Insights and Global Threat Alliances, Fortinet
Looking ahead – 2020 predictions from BeyondTrust

BeyondTrust, a worldwide leader in Privileged Access Management (PAM), has announced its top security predictions for the New Year and into 2025.

Morey J. Haber, Chief Technology Officer and Chief Information Security Officer, and Christopher Hills, Senior Solutions Architect, Office of the CTO at

Issue 20 | www.intelligentciso.com