PALO ALTO, CA — (Marketwired) — 05/12/15 — NTT Innovation Institute (NTT I3) is pleased to announce the release of the 2015 NTT Global Threat Intelligence Report (GTIR). Once again, NTT i3 worked together with the NTT Group security companies to analyze the attacks, threats and trends from the previous year. Based on the analysis, NTT i3 has created an online digital Global Threat Intelligence Report (viewable at NTTGroupsecurity.com) that lets users grasp the threat landscape in an interactive manner. The resulting report combines an analysis of over six billion attacks observed in 2014 with an interactive data review and ongoing daily global threat visualization.
The report is focused on the changing threat landscape and the quantifiable shifts over the last year that alter corporate risk, and require a reevaluation of risk posture which requires organizational security transformation. Using this awareness, business and security leaders will be able to focus the security goals addressing the threat and security investment of their enterprises on the things that are most impacting their organizations. The report delves into detailed analysis of the changing infiltration tactics, the commoditization of malicious capabilities, spread of the threat and how the business of cybercrime is responding to successful defensive strategies with rapidly adapting tactics. Some of the key finding of the report include:
When vulnerabilities of medium risk in the Common Vulnerability Scoring System (CVSS) of 4.0 or higher are considered this highlights that even widespread scares such as Heartbleed and Shellshock have little long term effect on corporate risk management process and companies are still not effective at shedding their legacy vulnerabilities.
However, this is not due to the attackers being within the United States, but rather represents threat actors leveraging cheap cloud or vulnerable infrastructure within the US as an intermediary. This benefited the attacker by often being closer to their target and from more trusted geolocation.
This risk represents a return to some of the roots of information security. The users and their wide range of mobile laptops are once again representing a return of risk that has largely been only lightly addressed by many organizations.
During every week of 2014, there was a measureable drop in detected attacks on weekends and holidays when workers were not in the office. On weekends and holidays, the workers are not in the office and end-user systems are either turned off, or not being used. This major drop in weekend attacks demonstrates that organizational controls are detecting security events related to end users.
Network Time Protocol (NTP), Simple Service Discovery Protocol (SSDP) and Domain Name Service (DNS) were used in the vast majority of all DDoS attacks. Many of these attacks come from subverting exposed services in consumer based services (such as home Internet routers) to create DDOS traffic.
The attacks increased by more than 50% year on year and are the result of the risks inherited through business-to-business relationships. The likely implication is that this sector is generally softer, but high value targets for attackers.
This year–s report speaks to these issues and many others that occurred over 2014. It also focuses on how organizations can address the security challenges they represent through detailed analysis, remediation strategies, interactive infographics and case studies applicable to small, medium and large enterprises around the globe. The report was developed using NTT–s Global Threat Intelligence attack data from the NTT Group companies — including Solutionary, NTT Com Security, Dimension Data, NTT DATA, NTT R&D and NTT Innovation Institute, Inc. The key findings in the 2015 Global Threat Intelligence Report are a result of the analysis of approximately six billion worldwide verified attacks over the course of 2014. The data for this report were collected from sixteen Security Operations Centers (SOC) and seven R&D centers, and supported by the thousands of NTT security specialists, professionals and researchers from around the world.
For more information, visit:
NTT Innovation Institute
650.579.0800
You must be logged in to post a comment Login