cxo voice
  • Home
  • News
  • Expert Opinion
  • Leaders Talk
  • Cyber Security
No Result
View All Result
  • Home
  • News
  • Expert Opinion
  • Leaders Talk
  • Cyber Security
No Result
View All Result
Interviews, IT and Technology News India | CXO VOICE
No Result
View All Result
Home News Cyber Security

Fortinet Threat Landscape Report Demonstrating Continued Increase In Cyberattacks

Deepa Sharma by Deepa Sharma
August 19, 2019
Reading Time: 4 mins read
Fortinet Threat Landscape Report
Share on FacebookShare on TwitterShare on Linkedin

Fortinet Threat Landscape Report reveals cybercriminals continuously looking for new attack opportunities throughout the digital attack surface and also they are leveraging evasion as well as anti-analysis techniques as they are becoming more sophisticated in their attempts.

Upping the Ante on Evasion Tactics

Many modern malware tools already incorporate features for evading antivirus or other threat detection measures, but cyber adversaries are becoming more sophisticated in their obfuscation and anti-analysis practices to avoid detection.

For example, a spam campaign demonstrates how adversaries are using and tweaking these techniques against defenders. The campaign involves the use of a phishing email with an attachment that turned out to be a weaponized Excel document with a malicious macro. The macro has attributes designed to disable security tools, execute commands arbitrarily, cause memory problems, and ensure that it only runs on Japanese systems. One property that it looks for in particular, an xlDate variable, seems to be undocumented.

Another example involves a variant of the Dridex banking trojan which changes the names and hashes of files each time the victim logs in, making it difficult to spot the malware on infected host systems.

The growing use of anti-analysis and broader evasion tactics is a reminder of the need for multi-layered defenses and behavior-based threat detection.

Under the Radar Attacks Aim for the Long-haul 

The Zegost infostealer malware, is the cornerstone of a spear phishing campaign and contains intriguing techniques. Like other infostealers, the main objective of Zegost is to gather information about the victim’s device and exfiltrate it. Yet, when compared to other infostealers, Zegost is uniquely configured to stay under the radar. For example, Zegost includes functionality designed to clear event logs. This type of cleanup is not seen in typical malware. Another interesting development in Zegost’s evasion capabilities is a command that kept the infostealer “in stasis” until after February 14, 2019, after which it began its infection routine.

The threat actors behind Zegost utilize an arsenal of exploits to ensure they establish and maintain a connection to targeted victims, making it far more of a long term threat compared to its contemporaries.

Ransomware Continues to Trend to More Targeted Attacks

The attacks on multiple cities, local governments, and education systems serve as a reminder that ransomware is not going away, but instead continues to pose a serious threat for many organizations going forward. Fortinet Threat Landscape Report showing Ransomware attacks continue to move away from mass-volume, opportunistic attacks to more targeted attacks on organizations, which are perceived as having either the ability or the incentive to pay ransoms. In some instances, cybercriminals have conducted considerable reconnaissance before deploying their ransomware on carefully selected systems to maximize opportunity.

For example, RobbinHood ransomware is designed to attack an organization’s network infrastructure and is capable of disabling Windows services that prevent data encryption and to disconnect from shared drives.

Another newer ransomware called Sodinokibi, could become another threat for organizations. Functionally, it is not very different from a majority of ransomware tools in the wild. It is troublesome because of the attack vector, which exploits a newer vulnerability that allows for arbitrary code execution and does not need any user interaction like other ransomware being delivered by phishing email.

Regardless of the vector, ransomware continues to pose a serious threat for organizations going forward, serving as a reminder of the importance of prioritizing patching and infosecurity awareness education. In addition, Remote Desktop Protocol (RDP) vulnerabilities, such as BlueKeep are a warning that remote access services can be opportunities for cybercriminals and that they can also be used as an attack vector to spread ransomware.

New Opportunities in the Digital Attack Surface

Digital Attack Surface, Between the home printer and critical infrastructure is a growing line of control systems for residential and small business use. These smart systems garner comparably less attention from attackers than their industrial counterparts, but that may be changing based on increased activity observed targeting these control devices such as environmental controls, security cameras, and safety systems. A signature related to building management solutions was found to be triggered in 1% of organizations, which may not seem like much, but it is higher than typically seen for ICS or SCADA products.  

Cybercriminals are searching for new opportunities to commandeer control devices in homes and businesses. Sometimes these types of devices are not as prioritized as others or are outside the scope of traditional IT management. The security of smart residential and small business systems deserves elevated attention especially since access could have serious safety ramifications. This is especially relevant for remote work environments where secure access is important.

How to Protect Your Organization: Broad, Integrated, and Automated Security

Threat intelligence that is dynamic, proactive, and available in real-time can help identify trends showing the evolution of attack methods targeting the digital attack surface and to pinpoint cyber hygiene priorities. The value and ability to take action on threat intelligence is severely diminished if it cannot be actionable in real-time across each security device. Only a security fabric that is broad, integrated, and automated can provide protection for the entire networked environment, from IoT to the edge, network core and to multi-clouds at speed and scale.

Michael Joseph, Director System Engineering, India & SAARC, Fortinet “The ever-widening breadth and sophistication of cyber adversaries’ attack methods is an important reminder of how they are attempting to leverage speed and connectivity to their advantage. Therefore, it is important for defenders to do the same and to relentlessly prioritize these important cybersecurity fundamentals, to position organizations to better manage and mitigate cyber risks. A security fabric approach across every security element that embraces segmentation and integration, actionable threat intelligence, and automation combined with machine learning is essential to enable these fundamentals to bear fruit.”

Source: Fortinet

Tags: Ante on Evasion TacticsCyber AttacksCyber securityCybercriminalsfortinetFortinet Threat Landscape Report
Deepa Sharma

Deepa Sharma

Senior Writer and Editor at CXO VOICE, She covers technology, cybersecurity, and financial and other tech news and updates. She can be reached at "deepa@cxovoice.com"

Related Posts

Ransomware Prevention Strategies
Cyber Security

8 Ransomware Prevention Strategies for Healthcare Providers

May 26, 2021
Why digital India is vulnerable to new-age cyber attacks
Cyber Security

Why digital India is vulnerable to new-age cyber attacks

November 6, 2020
IT Security
Cyber Security

Security of Organization’s IT Platforms

July 27, 2020
Cyber Threats evolution During Pandemic
Cyber Security

Evolution Of Cyber Threats During Pandemic: McAfee

July 22, 2020
Post Covid-19 cyber security
Cyber Security

Dealing with Cyber Security Challenges in the Post COVID-19 Era

June 26, 2020
IBM security cloud
Cyber Security

Security in the Cloud Remains Challenged by Complexity and Shadow IT: IBM

June 11, 2020
Working Remotely Cybersecurity
Cyber Security

Working Remotely While Ensuring Cybersecurity

April 30, 2020
Top Phishing attempts brand by cybercriminals : check points report
Cyber Security

Apple is Top Imitated Brand for Phishing Attempts: Report

April 15, 2020
Load More
Next Post
Employee Monitoring Software

5 Best Employee Monitoring Software of 2019

ADVERTISEMENT

Expert Views

Jaganathan Chelliah
Technology

Installing CCTV Cameras? Here is What You Need to Know

May 17, 2022
Wipro's Digital Database Services (DDS)
Banking

Cloud trends in the BFSI sector set to drive digital transformation in the new financial year

April 26, 2022
Cloud Data Protection
Cyber Security

Data Protection, a Key Part of Business Continuity

April 18, 2022
AI Cloud Enterprises
AI

What can AI Cloud do for Enterprises?

March 9, 2022
Data Modernisation
Technology

4 Key Trends Driving Data Modernization Across The Enterprises

January 28, 2022

Get Latest Update

Subscribe to our mailing list to receives newsletter direct to your inbox!

ADVERTISEMENT

Leaders Inerviews

Enterprises, and MSMEs IoT
Leaders Talk

IoT is now seen as an essential enabler for the enterprises to be future ready : Joyjeet Bose

-
Security While Working Remotely interview with Filip Coftas
Cyber Security

Security While Working Remotely [Interview]

-
Akita Security Device Help you Protect your Security During COVID-19 [Interview with Zakir Hussain]
COVID-19

Can Akita Security Device Help you Protect your Security During COVID-19 [Interview]

-
digital transformation and customer experience Newgen software
Interview

Digital Transformation Journey helps Newgen Software Improve Customer Experience [Interview]

-

Entrepreneur

Top 10 Richest Persons In India

Inspiring Women Entrepreneurs in India (2022)

Technology Adoption For Entrepreneurs

Volunteering management is the need of the Hour

CXO VOICE is a premier resource for the enterprises, SMBs and Startups CXOs and business leaders, It enables CXOs and business executives gain access key insights, experts views, analysis, business strategy, and leaders interviews on what’s happening in the market and its impact.

Connect with us

Easy Links

  • Cryptocurrency
  • Event
  • Blockchain
  • Press Release
  • Resources & Downloads

Write Us

contact@cxovoice.com

Newsletter

Subscribe to our mailing list to receives newsletter direct to your inbox!

  • Home
  • About
  • Contact Us
  • Advertise
  • Privacy & Policy
  • Feedback

© 2022 CXO VOICE

No Result
View All Result
  • Home
  • News
  • Expert Opinion
  • Leaders Talk
  • Cyber Security

© 2022 CXO VOICE