Moody's upgrades Saudi Arabia's credit rating to Aa3 with stable outlook    Riyadh Metro to begin partial operations next Wednesday: Report    Al Okhdood halts Al Shabab's winning streak with a 1-1 draw in Saudi Pro League    Mahrez leads Al Ahli to victory over Al Fayha in Saudi Pro League    Al Qadsiah hands Al Nassr their first defeat in the Saudi Pro League    Saudi musical marvels takes center stage in Tokyo's iconic opera hall    Downing Street indicates Netanyahu faces arrest if he enters UK    London's Gatwick airport reopens terminal after bomb scare evacuation    Civil Defense warns of thunderstorms across Saudi Arabia until Tuesday    Saudi Arabia, Japan strengthen cultural collaboration with new MoU    Slovak president meets Saudi delegation to bolster trade and investment ties    Saudi defense minister meets with Swedish state secretary    Navigating healthcare's future: Solutions for a sustainable system    Al Khaleej qualifies for Asian Men's Club League Handball Championship final    Sixth foreign tourist dies of suspected methanol poisoning in Laos    Katy Perry v Katie Perry: Singer wins right to use name in Australia    Trump picks Pam Bondi as attorney general after Matt Gaetz withdraws    Al-Jasser: Saudi Arabia to expand rail network to over 8,000 km    Sitting too much linked to heart disease –– even if you work out    Denmark's Victoria Kjær Theilvig wins Miss Universe 2024    Order vs. Morality: Lessons from New York's 1977 Blackout    India puts blockbuster Pakistani film on hold    The Vikings and the Islamic world    Filipino pilgrim's incredible evolution from an enemy of Islam to its staunch advocate    Exotic Taif Roses Simulation Performed at Taif Rose Festival    Asian shares mixed Tuesday    Weather Forecast for Tuesday    Saudi Tourism Authority Participates in Arabian Travel Market Exhibition in Dubai    Minister of Industry Announces 50 Investment Opportunities Worth over SAR 96 Billion in Machinery, Equipment Sector    HRH Crown Prince Offers Condolences to Crown Prince of Kuwait on Death of Sheikh Fawaz Salman Abdullah Al-Ali Al-Malek Al-Sabah    HRH Crown Prince Congratulates Santiago Peña on Winning Presidential Election in Paraguay    SDAIA Launches 1st Phase of 'Elevate Program' to Train 1,000 Women on Data, AI    41 Saudi Citizens and 171 Others from Brotherly and Friendly Countries Arrive in Saudi Arabia from Sudan    Saudi Arabia Hosts 1st Meeting of Arab Authorities Controlling Medicines    General Directorate of Narcotics Control Foils Attempt to Smuggle over 5 Million Amphetamine Pills    NAVI Javelins Crowned as Champions of Women's Counter-Strike: Global Offensive (CS:GO) Competitions    Saudi Karate Team Wins Four Medals in World Youth League Championship    Third Edition of FIFA Forward Program Kicks off in Riyadh    Evacuated from Sudan, 187 Nationals from Several Countries Arrive in Jeddah    SPA Documents Thajjud Prayer at Prophet's Mosque in Madinah    SFDA Recommends to Test Blood Sugar at Home Two or Three Hours after Meals    SFDA Offers Various Recommendations for Safe Food Frying    SFDA Provides Five Tips for Using Home Blood Pressure Monitor    SFDA: Instant Soup Contains Large Amounts of Salt    Mawani: New shipping service to connect Jubail Commercial Port to 11 global ports    Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World    Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet    Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



FortiGuard Labs: Cyber adversaries exploiting pandemic at enormous scale
Published in The Saudi Gazette on 23 - 08 - 2020

Fortinet, a global leader in broad, integrated, and automated cybersecurity solutions, announced the findings of the latest semiannual FortiGuard Labs Global Threat Landscape Report.
FortiGuard Labs threat intelligence from the first half of 2020 demonstrates the dramatic scale at which cybercriminals and nation-state actors leveraged a global pandemic as an opportunity to implement a variety of cyberattacks around the world.
The adaptability of adversaries enabled waves of attacks targeting the fear and uncertainty in current events as well as the sudden abundance of remote workers outside the corporate network, which quickly expanded the digital attack surface overnight.
Although many compelling threat trends were related to the pandemic, some threats still had their own drivers. For example, ransomware and attacks targeting Internet-of-Things (IoT) devices as well as operational technology (OT) are not diminishing, but are instead evolving to become more targeted and more sophisticated.
At a global level, the majority of threats are seen worldwide and across industries, with some regional or vertical variation. Similar to the COVID-19 pandemic, a certain threat might have started in one area but eventually spreads almost everywhere, meaning most organizations could face the threat. There are of course regional differences in infection rates based on factors such as policies, practices, or response.
Highlights of the report follow.
"The first six months of 2020 witnessed an unprecedented cyber threat landscape. The dramatic scale and rapid evolution of attack methods demonstrate the nimbleness of adversaries to quickly shift their strategies to maximize the current events centered around the COVID-19 pandemic across the globe," said Derek Manky, chief, security insights & global threat alliances, FortiGuard Labs.
"There has never been a clearer picture than now, of why organizations need to adjust their defense strategies going forward to fully take into account the network perimeter extending into the home. It is critical for organizations to take measures to protect their remote workers and help them secure their devices and home networks for the long term. It is also wise to consider adopting the same strategy for cyber viruses that we are adopting in the real world. Cyber social distancing is all about recognizing risks and keeping our distance."
Seizing the Opportunity in Global Events: Attackers have used subjects in the news as social engineering lures before, but this moved to the next level in the first half of 2020. From opportunistic phishers to scheming nation-state actors, cyber adversaries found multiple ways to exploit the global pandemic for their benefit at enormous scale.
This included phishing and business email compromise schemes, nation-state-backed campaigns and ransomware attacks. They worked to maximize the global nature of a pandemic that affected everyone around the world combined with an immediately expanded digital attack surface. These trends were seen with other newsworthy items and demonstrate how quickly attackers can move to take advantage of major developments with broad social impact at a global level.
The Perimeter Gets More Personal: The increase in remote work created a dramatic inverse of corporate networks almost overnight, which cyber adversaries immediately started to leverage as an opportunity. In the first half of 2020, exploit attempts against several consumer-grade routers and IoT devices were at the top of the list for IPS detections.
In addition, Mirai and Gh0st dominated the most prevalent botnet detections, driven by an apparent growing interest of attackers targeting old and new vulnerabilities in IoT products. These trends are noteworthy because it demonstrates how the network perimeter has extended to the home with cybercriminals seeking to gain a foothold in enterprise networks by exploiting devices that remote workers might use to connect to their organizations' networks.
Browsers Are Targets Too: For attackers the shift to remote work was an unprecedented opportunity to target unsuspecting individuals in multiple ways. For example, web-based malware used in phishing campaigns and other scams outranked the more traditional email delivery vector earlier this year.
In fact, a malware family that includes all variants of web-based phishing lures and scams ranked at the top for malware in January and February and only dropped out of the top five in June. This may demonstrate the attempt of cybercriminals to target their attacks when individuals are the most vulnerable and gullible—browsing the web at home. Web browsers, not just devices, are also prime targets for cybercriminals, perhaps more than usual, as cybercriminals continue to target remote workers.
Ransomware Not Running Away: Well-known threats such as ransomware have not diminished during the last six months. COVID-19-themed messages and attachments were used as lures in a number of different ransomware campaigns. Other ransomware was discovered rewriting the computer's master boot record (MBR) before encrypting the data.
In addition, there was an increase in ransomware incidents where adversaries not only locked a victim organization's data but stole it as well and used the threat of widescale release as additional leverage to try and extort a ransom payment. The trend significantly heightens the risks of organizations losing invaluable information or other sensitive data in future ransomware attacks.
Globally, no industry was spared from ransomware activity and data shows that the five most heavily targeted sectors for ransomware attacks are telco, MSSPs, education, government, and technology. Unfortunately, the rise of ransomware being sold as a service (RaaS) and the evolution of certain variants indicates that the situation with ransomware is not going away.
OT Threats After Stuxnet: June marked the 10th anniversary of Stuxnet, which was instrumental in the evolution of threats to, and security of, operational technology. Now, many years later, OT networks remain a target for cyber adversaries. The EKANS ransomware from earlier this year shows how adversaries continue to broaden the focus of ransomware attacks to include OT environments.
Also, the Ramsay espionage framework, designed for the collection and exfiltration of sensitive files within air-gapped or highly restricted networks, is an example of threat actors looking for fresh ways to infiltrate these types of networks. The prevalence of threats targeting supervisory control and data acquisition (SCADA) systems and other types of industrial control systems (ICS) is less in volume than those affecting IT, but that does not diminish the importance of this trend.
Mapping Exploitation Trends: A review of the CVE List shows the number of published vulnerabilities added has risen over the last few years, sparking discussion over the prioritization of patching. Even though 2020 looks to be on pace to break the number of published vulnerabilities in a single year, vulnerabilities from this year also have the lowest rate of exploitation ever recorded in the 20-year history of the CVE List.
Meanwhile, vulnerabilities from 2018 claimed the highest exploitation prevalence at 65%, and more than a quarter of organizations registered attempts to exploit 15-year-old CVEs. For cyber adversaries, exploit development at scale and distribution via legitimate and malicious hacking tools continues to take time.
The Urgency to Secure the Network Perimeter Extending Into the Home
With the increase in connectivity, devices, and ongoing need for remote work, the digital attack surface is expanding. With the corporate network perimeter extending to the home, attackers are looking for the weakest link and fresh attack opportunities. Organizations need to prepare by taking concrete steps to protect their users, devices and information in ways similar to the corporate network.
Threat intelligence and research organizations can help by providing broad insight as the threat landscape evolves as well as in-depth analysis of attack methods, actors, and new tactics to help supplement the cyber knowledge of organizations. The need for secure teleworker solutions to enable secure access to critical resources while scaling to meet the demands of the entire workforce has never been greater.
Only a cybersecurity platform designed to provide comprehensive visibility and protection across the entire digital attack surface–including networked, application, multi-cloud, or mobile environments–is able to secure today's rapidly evolving networks. — SG


Clic here to read the story from its source.