90% of businesses report exploits of vulnerabilities dating back three or more years, leaving them open to hacks.
The vast majority of businesses are recording exploits for vulnerabilities that are three or more years old, with just over half reporting 10 year old vulnerabilities.
That’s according to Fortiguard, which found in its Q2 data that there were a total of 184 billion exploit detections, 62 million malware detections and 2.9 billion botnet communications attempts. High or critical exploits were experienced across over two thirds of firms in Q2 2017.
Surprisingly, almost 40% of exploit attempts didn’t occur during the working week but instead at weekends. The average daily attempts over Saturdays and Sundays were twice that of a weekday.
Fortinet findings display that poor cyber security hygiene and risky application use enables destructive worm-like attacks to take advantage of hot exploits at record speed. Instead of developing ways to break in, adversaries are spending more time focusing on leveraging automated and intent based tools to infiltrate more impact to business communities.
Malware software like WannaCry and NotPetya both exploited the same Microsoft vulnerability when they took over company systems. This vulnerability only had a patch available for a couple of months and those organisations who managed to escape the attacks had either installed security tools that would detect attacks targeting the
area of vulnerability or organisations applied the patch as it became available.
Phil Quade, chief information security officer at Fortinet, said: “Cybercriminals aren’t breaking into systems using new zero day attacks; they are primarily exploiting already discovered vulnerabilities. The technology innovation that powers our digital economy creates opportunity for good and bad in cyber security. Yet, something we don’t talk about often enough is the opportunity everyone has to limit bad consequences by employing consistent and effective cyber security hygiene.”
Effective cyber hygiene is the key to fighting ‘worm-like’ attacks. Adversaries can easily operate on a global scale using crime-as-a-service infrastructure and autonomous attack tools. Although threatening cyber-attacks like WannaCry were remarkably fast at spreading not only across one system, but multiple industries they could have been prevented had organisations consistently monitored and developed cyber hygiene across their systems.
Quade said: “Newer worm-like capabilities spread infections at a rapid pace and can scale more easily across platforms or vectors. Intent-based security approaches that leverage the power of automation and integration are critical to combat this new ‘normal’.”
As a result, there is no time or tolerance for any device or system downtime; speed and efficiency are critical in the developing economy if businesses want to survive and beat cyber-attacks.
As usage and formation of technology like applications, networks and devices develops so do exploits, malware and botnet tactics of cybercriminals at the same rate, if not more with cybercriminals ready to attack imminently and target new emerging technologies.
Use of applications can hinder the security of a firms system. No evidence was found that companies using cloud-based or social media applications could lead to increased malware infections or cyber hacks. However, it was found that those companies allowing large quantities of peer-to-peer application usage report seven times as many botnets and malware to those who don’t allow them.
In addition to applications hindering the security of business so do IoT devices; almost one in five organisations reported mobile devices being targeted by malware. Such devices leave a challenge for organisations due to the lack of control, visibility and protection traditional systems receive.
Fortinet’s report revealed that in every aspect of infrastructure and application usage the education sector are in the lead. Additionally the energy sector had the most conservative approach with other sectors lagging behind.
The research carried out by Fortinet covers global, regional, industry sector and organisation perspectives focusing on three central and complementary aspects of the threat landscape; application exploits, malicious software and botnets.