According to the Fortinet Threat Landscape Report for Q3 2017, based on threat data collected by Fortinet’s network devices and sensors worldwide, fully 79 percent of companies saw severe attacks between July 1 and September 30, 2017, with an average of 153 attacks per firm.
During Q3, the company saw 5,973 unique exploits, 14,904 unique malware variants from 2,646 different malware families, and 245 unique botnets. The average organization had two active botnets in its networks, with 3 percent seeing 10 or more infections.
“Midsize firms saw higher rates of botnet infections, a trend we doubt is limited to this quarter,” the report states. “It may be they represent a good ‘bang for the buck’ from the adversary’s standpoint, with a large attack surface, lots of data, and yet a fraction of the resources of their larger brethren.”
“Remaining vigilant of new threats and vulnerabilities in the wild is critical, but organizations also need to keep sight of what is happening within their own environment,” Fortinet CISO Phil Quade said in a statement. “There is an incredible urgency to prioritize security hygiene and embrace fabric-based security approaches that leverage automation, integration, and strategic segmentation.”
More Phishing, Malware
According to NTT Security’s Q3 Threat Intelligence Report, the third quarter saw 24 percent more security events than the second quarter of 2017. Phishing campaigns and malware infections were both up more than 40 percent over the previous quarter.
The top five targeted industries in Q3 were finance (25 percent of attack detections), manufacturing (21 percent), business services (16 percent), healthcare (13 percent) and technology (12 percent).
Over the past year, the report states, about 10 percent of security incidents have been related to insider breaches — though only 25 percent of insider threats are hostile, with the remaining 75 percent caused by accidental or negligent activity.
“Whether it’s an accidental insider threat, where an employee sends sensitive documents to a competitor’s email, or a negligent insider threat, where an employee downloads unauthorized software and spreads a virus through the company, organizations must have a cyber security plan in place to minimize these risks,” NTT vice president Steven Bullitt said in a statement.
Bullitt said NTT has seen damages from insider breaches exceed $30 million. “Even in organizations that have well-defined incident response plans, they often don’t provide adequate remediation provisions for insider breaches, leaving the organization less prepared to react quickly,” he said.
Positive Technologies’ Cybersecurity Threatscape Report for Q3 2017 states that the government sector faced 13 percent of attacks in the third quarter, exceeding the financial sector (at 7 percent) for the first time in two years.
Seventy percent of attacks during the third quarter were performed for direct financial gain, while 25 percent were focused on stealing data.
“Malware was a factor in almost half of attacks,” Positive Technologies analyst Olga Zinenko said in a statement. “In our view, the main cause is the popularity of Ransomware as a Service.”
“Website security is important like never before due to the boom in blockchain projects and ICOs,” Zinenko added. “When an attacker seizes control of a website, changing the site’s content can cause losses of millions of dollars before anyone is able to notice. Given the increase in new ICOs, we expect to see more attacks on blockchain platforms by year’s end.”