Outdated cyber defences putting companies at risk

null

As cyber threats such as phishing, malware and cryptojacking have grown increasingly sophisticated, new research has revealed that legacy security solutions are no longer able to defend against them. 

In its annual threat report, the security firm Webroot examined data collected throughout 2017 to illustrate how ransomware and other cyber attacks have become a global threat.  The company also shed light on the way that these attacks have been able to bypass legacy security solutions due to organisations neglecting to patch, update or replace their systems. 

The report highlighted how new and reused ransomware variants have become an even more serious threat with 200,000 machines being infected with WannaCry and NotPetya in over 100 countries

Phishing attacks have also become increasingly targeted as cyberattackers have turned to social engineering and IP masking to improve their success rates.  Phishing sites also bypassed security by remaining online for just four to eight hours in order to evade traditional anti-phishing strategies.  Webroot also found that 62 domains were responsible for 90 per cent of the phishing attacks that took place in 2017. 

As cryptocurrency prices increased in 2017, hackers turned to cryptocjacking as a profitable and anonymous attack method.  Since September of last year, over 5,000 sites were compromised with the JavaScript cyrptocurrency miner CoinHive which hijacked users' systems to mine Monero. 

Webroot's Chief Technology Officer, Hal Lonas stressed that organisations should utilise real time threat inteligence to better protect themselves, saying: 

“Over the past year, news headlines have revealed that attackers are becoming more aggressive and getting extremely creative. Cryptojacking made our threat report for the first time this year as an emerging threat that combines everything an attacker could want: anonymity, ease of deployment, low-risk, and high-reward. Organizations need to use real-time threat intelligence to detect these types of emerging threats and stop attacks before they strike.”   

Image Credit: Pavel Ignatov / Shutterstock