Cyber attacks fall in volume but grow in sophistication
Cyber criminals are employing more sophisticated techniques in their attacks, including the use of 'false flagging' to disguise their true source.
This is one of the findings of the latest threat intelligence report from NTT Security, on a positive note though it records a 35 percent decrease in the number of attacks in the final quarter of 2016.
But Rob Kraus, director of security research and strategy at NTT Security warns that companies shouldn't be lulled into a sense of false security. "At the same time, the intensity and sophistication of these attacks are on the rise. Hackers are shifting their strategy from widespread attacks to a more focused effort to compromise specific targets they can leverage, opening the door for more malicious and potentially lucrative actions."
Among the top targeted industries, the Q4 report cites retailing as particularly attractive to hackers and cyber criminals. This is largely due to the fact that most retailers process customers' credit and debit card information through their systems. There was an 11 percent increase in the volume of attacks against retailers, with key loggers and spyware accounting for 68 percent of all malware across retail clients.
Other findings include that remote code execution (RCE) exploits in Adobe Flash were the most common, accounting for 22 percent of all application-specific attacks. Nation-state attacks are on the rise too, with evidence of state-sponsored actions identified in two-thirds of the 30 tracked industry verticals. Malicious traffic from Russian Federation hosts also jumped from 10th place to the top three during the quarter. The average length of time that cyberattacks go undetected is a worrying 146 days, while some state-sponsored Advanced Persistent Threat activities can go undetected for years.
You can find out more in the full report which is available to download from the NTT website.