The latest Fortinet Global Threat Landscape Report has found not only that 9 out of 10 businesses are being hacked through unpatched vulnerabilities, but also that many of these vulnerabilities are 3 or more years old and have patches available for them.
Basic Security Hygiene Needed
The damning report shows that even though two-thirds of the recorded attacks in Q2 2017 were ranked as either high or critical severity, the majority of them could have been prevented if businesses had practiced basic security hygiene through regularly scheduled patching.
The report, which draws upon data from over 3 million network devices and sensors deployed within live production environments around the world, shows not only that hackers have been able to attack nine out of 10 businesses with exploits that are more than three years old, but also that 60% of companies experienced successful attacks targeting devices for which a patch had been available for ten or more years.
Why Bother With New Ways?
With so many businesses not bothering to use the patches that have been available to them for years, many cyber criminals don’t need to go to the trouble and expense of looking for new ways to break into networks.
Bought Time For Innovations By Hackers
The time and resources that hackers have saved by exploiting old, known vulnerabilities have allowed them to spend more time developing automated and intent-based tools that can deliver sophisticated payloads that are hard to detect and remove. This has given them more success in breaking into systems using new zero-day attacks, and in using new worm-like capabilities to spread infections rapidly, on a large scale, and more easily across platforms or different vectors.
WannaCry Was Preventable For Many
Technical commentators have noted that both the WannaCry malware attack, which had such a bad effect on NHS systems, and NotPetya (a massive ransomware attack in June) targeted a vulnerability that had been patched by Microsoft several months earlier. Much of the damage caused by the attacks could, therefore, have been prevented with some fairly simple measures.
Other Significant Findings
Other particularly significant findings of the Report are that the number of exploits detected increased nearly 30% over Q1 (cyber crime levels are rising again), attacks are becoming more sophisticated, the large amount of encrypted web traffic is making malware detection more difficult, and criminals appear to be finding it easier to break into new networks.
What Does This Mean For Your Business?
This Report shows that businesses need to pay attention to the basics of online and data security, particularly practicing basic security hygiene and scheduling regular patching, to make sure that known vulnerabilities that could be easy pickings for cyber criminals are fixed.
Even though cyber criminals obviously favour attacks on the ‘low hanging fruit’, it shouldn’t be forgotten that the sophistication and volume of threats are increasing, and multi-level attacks are common. This means that businesses need to train employees in cyber security practices, and need to adopt multi-layered defences that go beyond the traditional anti-virus and firewall perimeter idea.
The volume of data, and particularly encrypted data, entering networks means that businesses now need to seriously analyze how this will affect the performance of their current security tools, and be prepared to invest more, or outsource further help in this area.
Also, isolated security devices and platforms may no longer provide adequate company-wide protection, and companies may need to use tools that allow security devices to collect and share data and co-ordinate a unified response across the entire distributed network.