Story image

IoT attacks, ransomware, and steganography? Fortinet looks at the latest cybercrime trends

12 Mar 18

IoT attacks, ransomware, industrial malware and steganography appeared to be some of the hottest cybercrime trends in Q4 2017 according to Fortinet’s Global Quarterly Threat Landscape Report.

Attacks increased compared to the previous quarter while in Asia Pacific, new malware variants and ransomware droppers were the most prevalent of malware.

Globally, an average of 274 exploit detections per firm were detected, an 82% increase over the previous quarter. Malware families increased by 25% and unique variants increased 19%.

One of the report’s most striking conclusions included the use of stenography in attacks – this is when an attack embeds malicious code in images.

Fortinet says that stenography as an attack vector has not had too much visibility in the last several years but it could be the start of a resurgence.

The Sundown exploit kit, which uses stenography to steal information, was one of the most reported exploits in Q4. It was found dropping multiple ransomware variants.

Other ransomware continued to be prevalent and the infamous Locky ransomware reigned supreme. A second strain of Locky emerged as part of a spam campaign that eventually resulted in ransom demands.

“The volume, sophistication, and variety of cyber threats continue to accelerate with the digital transformation of our global economy,” comments Fortinet’s CISO Phil Quade.

“Cybercriminals have become emboldened in their attack methods as they undergo a similar transformation, and their tools are now in the hands of many.”

Encrypted traffic using HTTPS and SSL grew as a percentage of total network traffic to a high of nearly 60% on average. While encryption can certainly help protect data in motion as it moves between core, cloud, and endpoint environments, Fortinet says it poses a challenge for traditional security solutions.

Meanwhile, three of the top 20 attacks targeted IoT devices including WiFi cameras. Botnets like Reaper and Hajime are able to target multiple vulnerabilities simultaneously.

The success of such attacks has been evident in Reaper’s exploit volume, which jumped from 50,000 exploits to more than 2.7 million for a few days before dropping back to normal levels.

In Asia Pacific, the top prevalent exploits detected exhibits a similar pattern, Fortinet says.

“Exploits targeting the Apache Struts and IP camera/DVR vulnerabilities make up some of the top exploits detected in APAC for Q4 2017 as well. IP camera/DVR vulnerabilities in APAC are quite prevalent as these devices are popular, available at low cost, but do not have sufficient security designed into them.”

Exploits against industrial control systems and safety instrumental systems suggest an increase in industrial malware. Fortinet suggests that these attacks are climbing higher on attackers’ radars.

 “The stark reality is that traditional security strategies and architectures simply are no longer sufficient for a digital-dependent organisation. There is incredible urgency to counter today’s attacks with a security transformation that mirrors digital transformation efforts. Yesterday’s solutions, working individually, are not adequate. Point products and static defenses must give way to integrated and automated solutions that operate at speed and scale,” Quade concludes.

Virtustream launches cloud automation and security capabilities
Virtustream Enterprise Cloud enhancements accelerate time-to-value for enterprises moving mission critical apps to the cloud.
TCS collaborates with Red Hat to build digital transformation solutions
“By leveraging TCS' technology skills to build more secure, intelligent and responsive solutions, we aim to deliver superior end-user experiences."
Twitter suspects state-sponsored ties to support forum breach
One of Twitter’s support forums was hit by a data breach that may have ties to a state-sponsored attack, however users' personal data was exposed.
How McAfee aims to curb enterprise data loss
McAfee DLP aims to help safeguard intellectual property and ensure compliance by protecting sensitive data.
HPE promotes 'circular economy' for end-of-use tech
HPE is planning to show businesses worldwide that throwing old tech and assets into landfill is not the best option when it comes to end-of-use disposal.
2018 sees 1,500% increase in coinmining malware - report
This issue will only continue to grow as IoT forms the foundation of connected devices and smart city grids.
CSPs ‘not capable enough’ to meet 5G demands of end-users
A new study from Gartner produced some startling findings, including the lack of readiness of communications service providers (CSPs).
Oracle announces a new set of cloud-native managed services
"Developers should have the flexibility to build and deploy their applications anywhere they choose without the threat of cloud vendor lock-in.”