Cybersecurity Jumps Up The Corporate Agenda

Uploaded on 2018-08-22 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Security professionals are more worried about data breaches and cyber-attacks than they were a year ago, with most fearing that Meltdown-Spectre attacks are becoming the norm.

System compromises and ransomware are the greatest threats to organisations, with 20% listing both as their primary concern, according to Neustar’s International cyber benchmarks index report.

These are closely followed by distributed denial of service (DDoS) attacks (19%), financial theft (18%), and attacks on intellectual property (17%), the survey of security professionals across Europe, the Middle East, Africa and the US shows.

Nearly half of those polled (47%) see DDoS attacks as increasingly harmful to their organisation this year, up from 38% in 2017. On average, 40% of respondent organisations said they have been targeted by DDoS attacks.

Almost all companies surveyed (98%) have taken steps to minimise risks from attacks exploiting the Meltdown and Spectre chip vulnerabilities, with 90% of respondents saying they believe these attacks will become the norm.

Neustar’s Changing face of cyber-attacks report, which examined the effects of memcached attacks and the largest DDoS attack ever recorded at 1.7Tbps, demonstrates how the different types of threat propagating today, combined with the sheer volume of attacks, can paint a discouraging picture.

The report also underlines that today’s threats seldom occur in isolation. For example, a DDoS threat in one segment can divert attention from malware in another, while ransomware can be used to hasten data exfiltration.

According to the report, IPv6 attacks will rise as companies adopt the new standard. Neustar thwarted what is believed to be the first IPv6 attack, which presented a new direction that attackers are likely to pursue as more and more companies adopt IPv6 and run dual IPv4/IPv6 stacks, the report said.

Running IPv4 and IPv6 in parallel speeds up IPv6 network implementation, but works against consistent security, the report warns.

It adds that matters are complicated even further by the fact that many security tools still do not support IPv6 or may not be configured properly, which allows attackers to bypass firewalls and intrusion prevention systems, generating malicious IPv6 traffic that these controls do not recognise.

The growth of devices making up the Internet of Things (IoT) is paving the way for botnets, which are constantly evolving, the report said, pointing out that cyber criminals can rent or buy these botnets with ease, making these threats one of the biggest issues for enterprises today.

Rodney Joffe, Neustar senior vice-president and fellow, said the reports’ findings should come as no surprise to anyone.

“Yes, security professionals are becoming more concerned about the level of threat to their organisations, because that same level of threat is continuing to rise at an extreme rate,” he said.

“As we have seen over the past year, there are more threats to be aware of, whether in the form of DDoS, malware, application layer attacks or something else entirely, leaving professionals confused about where the next attack is coming from.

“To successfully prepare for a cyber-attack in today’s landscape is to accept that your organisation will be the next target. If you are online, you are susceptible to an attack. Whether you are most vulnerable or not is entirely up to you.”

Computer Weekly

You Might Also Read: 

Inside the Intel Chip Security Problem:

Get Serious About Hardware Cybersecurity:

 

« Phishing Tools Used To Attack The Power Grid
Blockchain In Plain English »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Zybert Computing

Zybert Computing

Zybert Computing provide server solutions with built-in security and information protection features for the SME market.

National Information Security & Safety Authority (NISSA) - Libya

National Information Security & Safety Authority (NISSA) - Libya

NISSA is responsible for safeguarding the integrity, availability and resilienceof ICT infrastructure, resources, services and data in Libya.

Foundation Futuristic Technologies (FFT)

Foundation Futuristic Technologies (FFT)

FFT is a global leader in computer forensics and digital investigation solutions.

Air Informatics

Air Informatics

Air Informatics LLC provides security, information management, analytics and informatics for IT and wirelessly enabled airplanes and operations.

FRSecure

FRSecure

FRSecure is a full-service information security management company that protects sensitive, confidential business information from unauthorized access, disclosure, distribution and destruction.

3Elos

3Elos

3Elos operates in the Information Technology market with a focus on research, development, consulting, marketing and implementation of Information Security solutions.

HALOCK Security Labs

HALOCK Security Labs

HALOCK is an information security consultancy providing both strategic and technical security offerings.

PKI Solutions

PKI Solutions

PKI Solutions offers Public Key Infrastructure (PKI) products, services, and training to help ensure the security of organizations now and in the future.

Tidal Cyber

Tidal Cyber

We formed Tidal for one simple reason—we believe that defenders need and deserve tools and services that make achieving the benefits of threat-informed defense practical and sustainable.

Board of Cyber

Board of Cyber

Board of Cyber offers Security Rating: a fast, non-intrusive, continuous, 100% automated solution to evaluate the cyber performance of an organization.

Klarytee

Klarytee

Protect your data wherever it goes. Klarytee is a SaaS platform that builds security into sensitive content to enable granular control in AI, public cloud and SaaS.

Robosoft Technologies

Robosoft Technologies

Robosoft Technologies is a full-service digital transformation partner. We provide end-to-end digital transformation services in areas including cybersecurity.

Zafran

Zafran

Zafran is a Risk & Mitigation Platform that defuses threat exploitation by mobilizing existing security tools.

HTX (Home Team Science & Technology Agency)

HTX (Home Team Science & Technology Agency)

HTX brings together science and engineering capabilities to transform the homeland security landscape and keep Singapore safe.

Thero6

Thero6

Thero6 develop dynamic financial analysis algorithms that help prevent coin collapses and theft of cryptocurrency funds by identifying the transaction absolutely throughout the chain.

Cloudsmith

Cloudsmith

Cloudsmith is the only cloud-native, global, universal artifact management platform for securely developing and distributing software.