Threat Summary - Week 51, 2019

Reports / Surveys

Malware rises by 30%, antivirus detects only half of attacks

A new report by WatchGuard shows that traditional antivirus (AV) solutions are becoming increasingly ineffective in countering cyber threats. In Q3 of this year, malware campaigns increased by 30%. The percentage of zero-day malware, i.e. malicious code capable of evading the signature-based detection methods used by traditional AV, grew from 38% to just under 50%. Network attacks also increased, by 8%. The 10 most common network attacks included well-known threats like SQL injection (22.9%) and cross-site scripting (10.8%), as well as an Apache Struts 2 remote code execution vulnerability (CVE-2017-5638, 4.5%) that was used in the 2017 Equifax breach.

Accidental internal breaches put more and more firms at risk

Accidental exposure of sensitive data by an insider is a growing security headache for US organizations, recent research by Egress shows. In the past five years, accidental internal breaches impacted over 70% of organizations, with half of the reported incidents taking place last year. The cybersecurity decision makers who participated in the study identified these breaches as the third biggest security threat (46%), beaten only by external hacks (55%) and malware (53%). When it comes to accidental data breaches by employees, the riskiest applications are:

  • External email (54%)
  • File sharing services (39%)
  • Collaboration tools (34%)
  • SMS (33%)

Financial services accounted for 62% of exposed records this year

A new Bitglass report shows that the business sector experienced more breaches (43%) than healthcare (36%), education (9%), financial services (7%) and government (6%) last year. However, when the number of leaked records is taken into account, the financial services sector accounts for the vast majority (62%) and is followed by healthcare (24%), business (11%), government (2%) and education (1%). In the financial services sector the most common causes of breaches were:

  • Malware (75%)
  • Accidental disclosures (18%)
  • Insider threats (6%)
  • Physical breaches (2%)

63% of firms report data compromise due to attacks exploiting hardware flaws

Almost two in three (63%) companies suffered a data compromise incident or breach in the past year as the result of threat actors taking advantage of a hardware or silicon-level flaw, a survey by Dell and Forrester indicates. Of the firms that suffered a hardware-based breach, the vast majority reported multiple incidents. Respondents pointed to data loss as the main consequence of these attacks, followed by financial loss from downtime. The 5 most common types of attacks were:

  • External attacks (29.4%)
  • Accidental internal incidents (14.4%)
  • Supply-chain attacks (11.8%)
  • Internal attacks (11.2%)
  • Insider threats (10.7%)

When it comes to external attacks, the 5 most common vectors were:

  • Phishing (43%)
  • Software vulnerabilities (41%)
  • Web applications (40%)
  • Mobile malware (38%)
  • Ransomware (37%)

3 in 4 infosec pros: quantum computing will overcome encryption within 5 years

According to a recent study by Neustar, a majority (54%) of IT security pros are worried that developments in security technology will not be able to keep up with the evolution of quantum computing, resulting in new security risks and threats. In fact, 73% of survey respondents predicted that legacy technologies, including encryption, will be made obsolete by quantum computing within the next five years. However, these worries do not prevent 87% of security professionals from expressing excitement about the benefits that quantum computing may bring. The developments in quantum computing are closely monitored by 74% of firms, and 21% are starting to develop quantum computing strategies.

Freaky Infosec Fact of the Week

Hackers could eavesdrop on meetings and capture slides by exploiting flaws in smart TVs for conference rooms.

Earlier this year, security researchers with Forescout found multiple vulnerabilities in touchscreen smart TVs and real-time whiteboards developed by DTEN. The flaws made it possible for threat actors to access audio, view slides being displayed, and take full control of these devices.

What You Can Do

With the holiday season approaching, organizations should prepare their users for the cyber attacks that will be launched over the next few days. Although hackers don't sleep, this is the perfect time for them to capitalize on their attacks. Everyone is looking for ways to save on Christmas shopping, and many will fall prey to a phishing attack that offers them some great discounts (except it will come with malware).

Additionally, organizations should consider ways to improve cyber hygiene among their users in 2020 rather than immediately budgeting for next-generation technology. Consider enhancing your user awareness training program or even rewarding your employees for identifying potentially dangerous phishing attacks. A $100 gift card is a lot cheaper than a $100,000 data breach, so don't be stingy! Increase awareness!


About Vonahi Security
Vonahi Security is building the future of offensive cybersecurity consulting services through automation. We provide the world's first and only automated penetration test that replicates full attack simulations with zero configuration. With over 30 years of combined industry experience in both offensive and defensive security operations, our team of certified consultants has experience working with a significant number of organizations, industries, networks, and technologies. Our service expertise includes Managed Security, Adversary Simulations, Strategy & Review, and User Education & Awareness. Vonahi Security is headquartered in Atlanta, GA. To learn more, visit www.vonahi.io
