Unsecure Devices, Bad Cyber Hygiene Give Malicious Hackers a Leg Up
The 2019 report analyzes the biggest security findings over the past year from Ixia’s Application and Threat Intelligence (ATI) Research Center, and highlights risks originating from historic unpatched vulnerabilities, as well as from growing network and application complexity.
Scott Stevens, Ixia’s vice president of U.S. enterprise sales, tells us the report provides guidance for MSSPs and other security providers facing the onslaught of cybersecurity threats. It highlights and discusses specific threats identified over the last year, how pervasively they have expanded, and how best to counter and mitigate their impact.
“The most intriguing finding in the report is the fact that disclosures of security vulnerabilities can actually have a negative impact — that of informing hackers who then get a head start on more mischief,” he said.
More new devices are joining networks than ever before, including more devices designed and deployed without proper measures to stop or even limit threats. Bad actors used well-understood structured query language (SQL) injections and cross-site scripting vulnerabilities to target web applications, according to the report. Code sharing posed a risk despite efforts by the open-source community to standardize controls and measures in web development. Code fragmentation makes it difficult to address this widespread problem.
Last year, Ixia detected nearly 663,000 phishing pages in the wild, and more than 8.5 million pages hosting or infected by malware — so a successful attack on an organization’s infrastructure requires only a single errant click on an email or link. A well-crafted and well-timed phishing attempt can encourage even tech-savvy users to click on compromised links, the report says.
In terms of cyber hygiene, well-known attacks and attack vectors remained successful because security personnel didn’t address vulnerabilities, either due to lack of knowledge of the latest patches or challenges in deploying them in a timely manner.
“The report does discuss at length the impact of the human element to vulnerabilities in security, and highlights the need for ongoing and relevant training and technological aids/reminders,” Stevens said.
In addition, cryptojacking reached new peaks in 2018, with hackers combining multiple classic attacks to deliver nearly autonomous malware. Ixia honeypots captured several new exploits that run an EternalBlue scan, and when successful, deposit a cryptominer on the network.
As for 2019, Stevens points to the following trends:
- Abuse of low-value endpoints will escalate.
- Brute-force attacks on public-facing systems and resources will increase.
- Cloud architectures will create complexity that increases attack surfaces.
- Phishing will continue to evolve.
- Multiphase attacks that use lateral movement and internal traffic will increase.
- Crypto mining/cryptojacking attacks will increase.