NTT Report Demonstrates Changing Approaches of Cyber-Criminals

There was a marked increase in the volume of cyber-attacks across all industries in 2019 compared with 2018, according to NTT’s 2020 Global Threat Intelligence Report (GTIR) published today. The study also revealed the extent to which cyber-criminals are innovating their methods, which is causing major challenges to all organizations.

According to the global technology service company, the most common methods used by malicious actors last year were remote code execution (15%) and injection (14%) attacks. Such attacks were found to be effective due to organizations’ poor practices related to network, operating system and application configuration, testing, security controls and overall security hygiene.

Additionally, the growing use of artificial intelligence (AI) and machine learning to automate attacks by cyber-criminals was highlighted, with 21% of malware detected found to be in the form of a vulnerability scanner.

NTT also said it had seen a re-emergence of Internet of Things (IoT) weaponization in 2019, with a resurgence of Mirai and derivatives underpinning these attacks.

In the wide-ranging report, it was revealed that technology was the sector most targeted by cyber-criminals last year, involved in 25% of all attacks compared with 17% in the previous year. More than half of attacks aimed at this industry were application-specific (31%) and DoS/DDoS (25%). This was followed by government, at 16% of all attacks, and finance at 15%.

Around 20% of attacks targeted content management systems such as WordPress, Joomla!, Drupal and noneCMS, which criminals see as a means of stealing data from businesses and launching further attacks.

Mark Thomas, global head of threat intelligence at NTT, commented: “The technology sector experienced a 70% increase in overall attack volume. Weaponization of IoT attacks also contributed to this rise and, while no single botnet dominated activity, we saw significant volumes of both Mirai and IoTroop activity. Attacks on government organizations nearly doubled, including big jumps in both reconnaissance activity and application-specific attacks, driven by threat actors taking advantage of the increase in online local and regional services delivered to citizens.”

The report also made some observations regarding the activities of cyber-criminals so far in 2020, particularly in light of the COVID-19 pandemic.

Matthew Gyde, president and CEO of the security division, NTT, said: “The current global crisis has shown us that cyber-criminals will always take advantage of any situation and organizations must be ready for anything. We are already seeing an increased number of ransomware attacks on healthcare organizations and we expect this to get worse before it gets better. Now more than ever, it’s critical to pay attention to the security that enables your business, making sure you are cyber-resilient and maximizing the effectiveness of secure-by-design initiatives.”

What’s Hot on Infosecurity Magazine?