Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

NTT Ltd.’s Global Threat Intelligence Report: Attack Volumes Up As Cyber Criminals Innovate Faster

- Attackers using COVID-19 pandemic to launch attacks on vulnerable organizations -

- Technology tops most attacked industry list for first time to topple finance –

 NTT Ltd., a world-leading global technology services provider, today launched its 2020 Global Threat Intelligence Report (GTIR), which reveals that despite efforts by organizations to layer up their cyber defences, attackers are continuing to innovate faster than ever before and automate their attacks. Referencing the current COVID-19 pandemic, the report highlights the challenges that businesses face as cyber criminals look to gain from the global crisis and the importance of secure-by-design and cyber-resilience.

The attack data indicates that over half (55%) of all attacks in 2019 were a combination of web-application and application-specific attacks, up from 32% the year before, while 20% of attacks targeted CMS suites and more than 28% targeted technologies that support websites. For organizations that are relying more on their web presence during COVID-19, such as customer portals, retail sites, and supported web applications, they risk exposing themselves through systems and applications that cyber criminals are already targeting heavily.

Matthew Gyde, President and CEO of the Security division, NTT Ltd., says: “The current global crisis has shown us that cyber criminals will always take advantage of any situation and organizations must be ready for anything. We are already seeing an increased number of ransomware attacks on healthcare organizations and we expect this to get worse before it gets better. Now more than ever, it’s critical to pay attention to the security that enables your business; making sure you are cyber-resilient and maximizing the effectiveness of secure-by-design initiatives.”

NTT New Zealand’s Head of Cybersecurity Practice Matthew Lord says there are some key takeaways for New Zealand businesses in the report. “Hackers have clearly shifted focus from the finance sector to the technology sector. That indicates that the finance sector has significantly improved its defences while the technology sector continues to have weaknesses. Tight corporate budgets obviously don’t result in the best technology spend.”

“Another clear trend that matches what we see locally is the continuance of web app attacks. Our experience is that this stems from businesses and organisations assuming they are getting the full benefit of the best security their provider has to offer when in fact the provider can only supply the security foundation. The business’ web apps still have to be built securely and this is often where the vulnerability that hackers exploit resides.”

“The increasing number of global Governance, Risk and Compliance (GRC) initiatives is also having a beneficial effect on New Zealand businesses as exporters adopt these measures as a standard requirement of doing business. We’re also seeing a general increase in the security maturity of local businesses reflected in the more advanced tool sets our customers have been investing in.”

Industry focus: Technology tops most attacked list

While attack volumes increased across all industries in the past year, the technology and government sectors were the most attacked globally. Technology became the most attacked industry for the first time, accounting for 25% of all attacks (up from 17%). Over half of attacks aimed at this sector were application-specific (31%) and DoS/DDoS (25%) attacks, as well as an increase in weaponization of IoT attacks. Government was in second position, driven largely by geo-political activity accounting for 16% of threat activity, and finance was third with 15% of all activity. Business and professional services (12%) and education (9%) completed the top five.

Mark Thomas who leads NTT Ltd.’s Global Threat intelligence Center, comments: “The technology sector experienced a 70% increase in overall attack volume. Weaponization of IoT attacks also contributed to this rise and, while no single botnet dominated activity, we saw significant volumes of both Mirai and IoTroop activity. Attacks on government organizations nearly doubled, including big jumps in both reconnaissance activity and application-specific attacks, driven by threat actors taking advantage of the increase in online local and regional services delivered to citizens.”

2020 GTIR key highlights:

· Websites posing as ‘official’ source of COVID-19 information, but host exploit kits and/or malware – created at an incredible rate, sometimes exceeding 2000 new sites per day.

· Most common attack types accounted for 88% of all attacks: Application-specific (33%), web application (22%), reconnaissance (14%), DoS/DDoS (14%) and network manipulation (5%) attacks.

· Attackers are innovating: By leveraging artificial intelligence and machine learning and investing in automation. Some 21% of malware detected was in the form of a vulnerability scanner, which supports the premise that automation is a key focus point of attackers.

· Old vulnerabilities remain an active target: Attackers leveraged those that are several years old, but have not been patched by organizations, such as HeartBleed, which helped make OpenSSL the second most targeted software with 19% of attacks globally. A total of 258 new vulnerabilities were identified in Apache frameworks and software over the past two years, making Apache the third most targeted in 2019, accounting for over 15% of all attacks observed.

· DoS/DDoS attacks in APAC were higher than the global average, and about three times of the DoS/DDoS rate in EMEA, regularly appearing in the top five common attack types (Singapore #4 and Japan #5).

· Web-application and application-specific attacks dominated the region. They were the two most common attack types in Japan, and application-specific attacks were the most common attack types in Singapore and Hong Kong.

The 2020 GTIR also calls last year the ‘year of enforcement’ as the number of Governance, Risk and Compliance (GRC) initiatives continues to grow, creating a more challenging global regulatory landscape. Several acts and laws now influence how organizations handle data and privacy, including the General Data Protection Regulation (GDPR), which has set a high standard for the rest of the world, and The California Consumer Privacy Act (CCPA) which recently came into effect. The report goes on to provide several recommendations to help navigate compliance complexity, including identifying acceptable risk levels, building cyber-resilience capabilities and implementing solutions that are secure-by-design into an organization’s goals.

To learn more about how this year’s GTIR offers organizations a robust framework to address today’s cyber threat landscape, and to learn more about the emerging trends across different industries and regions, including the Americas, APAC and EMEA, follow the link to download the NTT Ltd. 2020 GTIR.

© Scoop Media

 
 
 
Business Headlines | Sci-Tech Headlines

 

Maritime NZ: NZ Joins Global Initiative Keeping Ports Open And Freight Moving

New Zealand has joined an international port authorities’ global initiative for safe and efficient movement of goods and shipping during the COVID-19 crisis. World-wide, 56 port authorities have agreed how they will work together facilitating maritime ... More>>

ALSO:

National: National Backs Businesses With $10k JobStart

National will provide a $10,000 cash payment to businesses that hire additional staff as part of our commitment to keeping New Zealanders in jobs, National Party Leader Todd Muller and Finance spokesperson Paul Goldsmith have announced. Our JobStart ... More>>

ALSO:

DIY Law: Government Exempts Some Home Improvements From Costly Consents

Homeowners, builders and DIYers will soon have an easier time making basic home improvements as the Government scraps the need for consents for low-risk building work such as sleep-outs, sheds and carports – allowing the construction sector ... More>>

ALSO:

Media Awards: The New Zealand Herald Named Newspaper Of The Year, Website Of The Year At Voyager Media Awards

The New Zealand Herald has been labelled a “powerhouse news operation” as it claims the two biggest prizes – Newspaper of the Year and Website of the Year – along with many individual awards at the 2020 Voyager Media Awards Website of the ... More>>

ALSO:

ASB Bank: ASB Takes The Lead Again With New Low Home Loan Interest Rate

ASB has moved again to support its customers, cutting a number of home loan rates, including the two-year special rate to a new low of 2.69% p.a. Craig Sims, ASB executive general manager Retail Banking says the reduced rate will be welcome news for many ... More>>

ALSO:

Nathan Hoturoa Gray: The Problems With Testing And Case Statistics For Covid-19

To begin to understand disease transmission in a country requires adequate testing of your population with properly vetted, accurate tests. As the world struggles to find what 'adequate percentage' of the population is necessary, (estimates predict ... More>>

ALSO:

RNZ: Fletcher Building To Lay Off 1000 Staff In New Zealand

The construction company will cut around 10 percent of its workforce as it struggles with the fallout from Covid-19. More>>

ALSO:

Can Pay, Won't Pay: Cashflow Moves Urged

Government Ministers are asking significant private enterprises to adopt prompt payment practices in line with the state sector, as a way to improve cashflow for small businesses. More>>

ALSO:

Gordon Campbell: On Why We Should Legally Protect The Right To Work From Home

For understandable reasons, the media messaging around Level Two has been all about “freedom” and “celebration”, but this is not necessarily going to be a universal experience. When it comes to workplace relations, Level Two is just as likely to ... More>>

ALSO:



Auckland Airport: Thousands Of Kiwis Travelling For Queen’s Birthday Weekend


Confidence in domestic travel is beginning to steadily ramp up, with thousands of Kiwis travelling within New Zealand for Queen’s Birthday.
Nearly 400 flights will be operating to and from Auckland Airport over the long weekend... More>>

ALSO:

Science Media Centre: Understanding 5G Concerns – Expert Q&A


Recent attacks on cell phone towers have brought concerns over the rollout of 5G technology into sharp relief.
While scientific research has consistently shown that the technology does not adversely affect human health, public concerns about its impact have spread around the world, fueled in part by growing misinformation online. The SMC asked experts to comment... More>>

ALSO:


Trade: Record Monthly Surplus As Imports Dive

Imports in April 2020 had their biggest fall since October 2009, resulting in a monthly trade surplus of $1.3 billion, Stats NZ said today. “This is the largest monthly trade surplus on record and the annual goods trade deficit is the lowest ... More>>

ALSO:


Media Blues: Stuff Chief Executive Buys Company For $1

Stuff chief executive Sinead Boucher has purchased Stuff from its Australian owners Nine Entertainment for $1.
The chief executive was returning the company to New Zealand ownership, with the sale is expected to be completed by 31 May.
"Our plan is to transition the ownership of Stuff to give staff a direct stake in the business as shareholders," Boucher said in a statement.... More>>

ALSO:

RNZ: Bar Reopening Night 'much, Much Quieter'

Pubs and bars are reporting a sluggish first day back after the lockdown, with the fear of going out, or perhaps the joy of staying home, thought to be a reason for the low numbers. More>>

ALSO:

Stats NZ: New Zealand’s Population Passes 5 Million

New Zealand's resident population provisionally reached 5 million in March 2020, Stats NZ said today. More>>

NIWA: Seven Weeks Of Clearing The Air Provides Huge Benefits: Scientist

Seven weeks of lockdown has provided evidence of how pollution can vanish overnight with benefits for the environment and individuals, says NIWA air quality scientist Dr Ian Longley. Dr Longley has been monitoring air quality in Auckland, Wellington ... More>>

ALSO:

Government: Milestone In Cash Flow Support To SMEs

A significant package of tax reforms will be pushed through all stages in Parliament today to throw a cash flow lifeline to small businesses. More>>

ALSO: