Security professionals are more concerned over cyber attacks and data breaches than 12 months ago, with many now worried that Meltdown Spectre attacks are becoming commonplace.
System ransomware main concern
System ransomware and compromises are the main threats to companies, with 20 percent citing them as the No.1 concern, according to the International Cyber Benchmarks Index report from Neustar. Distributed Denial of Service (DDoS) attacks weren’t far behind, at 19 percent. Financial theft was 18 percent, and intellectual property attacks 17 percent. Respondents represented the US, Europe, Africa, and the Middle East.
Concerns over DDoS on the rise
Almost half of respondents (47 percent) have labeled DDoS a threat to their company, which is a 38 percent increase on figures from last year. An average of 40 percent of those who responded said that they have been made targets of DDoS attacks
Close to all of the firms polled (98 percent) have taken action towards minimizing risks associated with attacks designed to exploit vulnerabilities in the Meltdown and Spectre chip. A huge 90 percent said that they expect the attacks to become normalized. The reality remains, however, that these firms should be doing even more. All organizations, in fact, should be looking more towards preventative measures such as Web Application Firewalls (WAF), a managed service that fends off application layer attacks, such as zero-day threats and the OWASP Top 10.
No isolated incidents
The Changing Face of Cyber Attacks report, also from Neustar, assessed the damage caused by the largest-ever recorded DDoS attack and Memcached attacks. It reveals how the various types of modern threats, along with the high number of attacks, paints a bleak picture. The Neustar report also points out that the modern threat is rarely an isolated incident. A DDoS threat, for example, can divert attention from malware in one segment, while ransomware can hasten exfiltration of data in another.
The report asserts that we will see an increase in IPv6 attacks as organizations adopt the updated standard. Neustar fended off what is thought to be the very first IPv6 attack, which offered a new route that cybercriminals will likely pursue as a greater number of firms adopt IPv6 and run duel IPv4/IPv6 stacks, according to the report.
The report warned that running the two IPvs in parallel speeds doesn’t contribute towards consistent security. It added that it’s made even more complicated by the high number of security tools that are still incompatible with IPv6, or may be incorrectly configured, enabling cybercriminals to bypass intrusion preventing systems and generating malicious IPv6 traffic unrecognized by these controls.
The rising number of devices that comprise the Internet of Things (IoT) is assisting with the development of botnets, claimed the report. It explained that hackers can easily either rent or purchase these botnets, meaning that these threats rank among the biggest concerns for enterprises in the current climate.
Senior Vice President of Neustar, Rodney Joffe, said that, in order to prepare for a cyber attack, all organizations must assume that they’re the next target and that whether or not they are vulnerable depends on them.