"The trends we observe in the Threat Landscape Review indicate that malware attacks against industries such as finance, healthcare and critical infrastructure occur over similar channels but in significantly different proportions. It is essential that information security practitioners, from management to governance to enablement and execution, stay current on trends and malware distribution patterns and take a prevention-centric approach to securing their organisations," said Ryan Olson, Intelligence Director, Unit 42, Palo Alto Networks.
Among the key findings:
· Organisations need visibility into the types of traffic traversing their networks so they can quickly identify and prevent threats. All verticals saw e-mail (SMTP) and HTTP as the primary channels for malware delivery, but the percentages for each industry vary significantly, indicating that these industries have different threat profiles. Retail and wholesale organisations received almost 28% of malware over the web, while hospitality organisations received just 2% over the same channel.
· Malware was delivered through over 50 distinct applications; 87% of it was delivered over e-mail and 11.8% through web browsing (HTTP). While these two channels account for the majority of malware attacks, it is important that organisations are able to identify malware in any application allowed in their network.
· Over 90% of unique malware samples were delivered in just one or two attacks. Most of these files are part of overarching malware families, but by deploying distinct files just once or twice attackers can evade many antivirus programs. Practitioners need to consider security that can identify and stop attacks at multiple stages in the attack kill chain.
· One malware family, known as Kuluoz or Asprox, was responsible for about 80% of all attack sessions recorded during October 2014, impacting nearly 2,000 different organisations. This malware has plagued Internet users for years, despite multiple attempts to disrupt its infrastructure.
Download the Unit 42 Threat Landscape Review here. Organisations can also request a customised version of the analysis provided in the Threat Landscape Review: an Enterprise Risk Report, which helps organisations understand how their networks compare to those of their industry peers regarding malware attacks.
*The Unit 42 Threat Landscape Review is a recurring report examining how organisations in different industries are affected by malware. Research was performed by Unit 42, the Palo Alto Networks threat intelligence team, and includes data from WildFire, which is a key component of the Palo Alto Networks threat intelligence cloud that helps identify threats from applications by executing them in a virtual environment.