Attack volumes increasing across all industries

Due to the overwhelming success of the use of tools such as web shells, exploit kits and targeted ransomware, adversaries are still developing effective multifunction attack tools and capabilities.

The most common techniques observed globally were remote code execution (15%) and injection (14%) attacks. In most cases, these attacks continue to be effective due to organizations’ poor practices related to network, operating system, and application configuration, testing, security controls and overall security hygiene.

Cybercriminals are leveraging emerging technologies to hone and evolve their tradecraft

Adversaries are also leveraging artificial intelligence and machine learning and investing in the automation of attacks. Some 21% of malware detected was in the form of a vulnerability scanner which also supports the premise that automation is a key focus point of attackers. The Emotet banking trojan has also undergone a series of stealth modifications.

twitter iconAttack volumes increased across all industries between 2018 and 2019. #cybersecurity #GTIR2020 Tweet this

In addition, cybercriminals are taking advantage of the current COVID-19 pandemic by re-purposing their toolsets, deploying new infrastructure and developing innovative campaigns to proactively target vulnerable organizations.

Steps to success

How can you bolster your defenses against the evolving techniques and tools being developed and used by threat actors?

  • Pursue intelligence-driven cybersecurity

    Organizations following traditional cybersecurity practices must rethink their approach. The complexity of the threat landscape coupled with ever-changing standards, regulations and privacy legislation continues to raise the bar for what a comprehensive security program must address. Traditional practices are, and will remain, inadequate against modern threats, and organizations must acknowledge that absolute security is simply not possible. Cybersecurity and business leaders must change the way they think and apply security and must transform from a reactive mindset to a more effective, proactive and intelligence-driven approach.

  • Monitor the threat environment

    Businesses that keep a close eye on the current threat environment will have a significant advantage in addressing threats. Leveraging intelligent cybersecurity to guide decisions, support business agility and maintain an acceptable risk level for the organization is essential to success. If your organization isn’t leveraging organic threat intelligence capabilities, or actively collaborating in threat intelligence communities, it will be at a disadvantage while attempting to manage risk and ensure cyber-resiliency.

Mark Thomas

Mark Thomas

Global Head of Threat Intelligence, NTT Ltd.

How we can help you

form

Download the Technical Report and our Executive Guide