May 25, 2021
Cyberthreats might not be as sexy as you think they are, but they still can cause serious damage.
Cato Networks’ latest network security analysis tells a different story than how “exotic” headlines describe cyberattacks. High-profile cases involving foreign groups and extremely advanced attack methods have dominated the news lately, but cyberthreats often come in far more mundane packages.
For example, although the Russian SolarWinds hack dominated news coverage last year, U.S. locations accounted for the vast majority of attack sources in the first quarter.
“Blocking network traffic to and from ‘the usual suspects’ may not necessarily make your organization more secure,” said Etay Maor, Cato’s senior director of security strategy. “Threat actors are hosting their Command & Control servers on ‘friendly’ grounds, including the U.S., Germany, and Japan.”
In addition, Cato argues that cybercriminals more commonly harness older exploits, which makes security patches all the more important. Many of the exploits have existed for up to 20 years.
“While organizations always need to keep up with the latest security patches, it is also vital to ensure older system and well-known vulnerabilities from years past are monitored and patched as well,” Maor said. “Threat actors are attempting to take advantage of overlooked, vulnerable systems.”
According to Cato, attackers often went after software like vSphere, Oracle WebLogic and BIG-IP. They also targeted hardware, such as routers that contain remote administration vulnerabilities.
Cato revealed data trends from the 850-plus enterprise networks it oversees in its Q1 SASE Threat Research Report. Cato based its findings on 190 billion network flows that ran through Cato’s private network backbone. Out of those flows, Cato’s security controls listed 16 billion events, 181,000 cyberthreats and 19,000 incidents.
Cato listed Microsoft Office, Google Apps, Skype/Teams, TeamViewer and AnyConnect as the five cloud applications people use most. However, TikTok accounted for a large number of flows. Indeed, TikTok flows out-totaled Gmail’s — and we’re talking about enterprise networks. The trading app Robinhood joined TikTok as another popular consumer app.
“The increase in consumer applications not only consumes bandwidth but poses a security risk to enterprises,” Maor said. “As the type of data flow and applications changes, so does the way in which threat actors exploit vulnerabilities, and in turn, the way enterprises secure their networks must change as well.”
According to the report, network discovery scans triggered the most events, followed by reputation-based communication.
Cato converges security and networking features into the same cloud-based platform, utilizing more than 60 global points of presence. The Tel Aviv, Israel-based company last month updated its partner program to reflect a more “MSP-centric” approach.
Senior News Editor, Channel Futures
James Anderson is a news editor for Channel Futures. He interned with Informa while working toward his degree in journalism from Arizona State University, then joined the company after graduating. He writes about SD-WAN, telecom and cablecos, technology services distributors and carriers. He has served as a moderator for multiple panels at Channel Partners events.