NTT Report Demonstrates Changing Approaches of Cyber-Criminals

There was a marked increase in the volume of cyber-attacks across all industries in 2019 compared with 2018, according to NTT’s 2020 Global Threat Intelligence Report (GTIR) published today. The study also revealed the extent to which cyber-criminals are innovating their methods, which is causing major challenges to all organizations.

According to the global technology service company, the most common methods used by malicious actors last year were remote code execution (15%) and injection (14%) attacks. Such attacks were found to be effective due to organizations’ poor practices related to network, operating system and application configuration, testing, security controls and overall security hygiene.

Additionally, the growing use of artificial intelligence (AI) and machine learning to automate attacks by cyber-criminals was highlighted, with 21% of malware detected found to be in the form of a vulnerability scanner.

NTT also said it had seen a re-emergence of Internet of Things (IoT) weaponization in 2019, with a resurgence of Mirai and derivatives underpinning these attacks.

In the wide-ranging report, it was revealed that technology was the sector most targeted by cyber-criminals last year, involved in 25% of all attacks compared with 17% in the previous year. More than half of attacks aimed at this industry were application-specific (31%) and DoS/DDoS (25%). This was followed by government, at 16% of all attacks, and finance at 15%.

Around 20% of attacks targeted content management systems such as WordPress, Joomla!, Drupal and noneCMS, which criminals see as a means of stealing data from businesses and launching further attacks.

Mark Thomas, global head of threat intelligence at NTT, commented: “The technology sector experienced a 70% increase in overall attack volume. Weaponization of IoT attac ..

Support the originator by clicking the read the rest link below.