Johannesburg, 15 May 2020
Cyber attacks are constantly evolving in order to avoid detection. Over the past year, Panda Security researchers have analysed over 14.9 million malware events, gathering insights into the global threat landscape, that will ultimately inform the way we protect organisations from advanced threats. Download the full report here.
Insights based on data
Through endpoint data gathered from devices around the world, researchers can monitor any changes, trends or anomalies in the global threat landscape. This data feeds everything from the artificial intelligence that analyses behaviours and creates patterns, to the threat hunting services responsible for intercepting threats and attacks.
Global hotspots
Thailand, the Middle East and South America have fallen victim to the highest number of attacks over the past year. The data gathered reveals that many of the top targeted areas globally are those that have minimal protection measures in place. These are attractive targets from cyber criminals and are often used to launch further attacks.
The proof is in the PDF: File-based attacks persist
Hackers continue to use file extensions to carry out their attacks. By abusing vulnerabilities in file extensions, cyber criminals can carry out attacks. The report further details the most popular extensions targeted by hackers.
The limits of whitelisting
Given our understanding of today’s threat landscape, a zero-trust approach to cyber security is key. Traditional protection methods have focused on a system of blacklisting and whitelisting of applications; however, increasingly we see incidents in which whitelisted applications are corrupted. Advanced cyber security solutions will go beyond whitelisting and actively monitor all software and processes. In this situation, malicious activity is flagged and stopped even if it results from whitelisted applications.
Firefox, Outlook and Internet Explorer exploited in fileless attacks
Productivity tools, browsers and OS components that are ubiquitous on most endpoints are commonly whitelisted. Applications or executables on these lists would never be classified as suspicious - making them ideal vectors for fileless attacks, live hacking, and living-off-the-land attacks. Anti-exploit technology makes it possible to protect organisations against these attacks.
Complex threats call for a multi-layered approach
Cyber attacks are constantly evolving, making them difficult to address with a single solution. A comprehensive approach is needed, including new generation EDR class protection with an integrated EPP stack, machine behaviour visibility as well as remote monitoring and management of devices.
The new threats and attacks highlighted in the report can be mitigated significantly with the latest security technology and services such as Panda's zero trust 100% attestation service and Threat Hunting and Investigation Service. Effective patch management delivers further reduction of the attack surface.
“This report clarifies why we need to adopt an adaptive security model such as that delivered by Panda Adaptive Defense,” says Jeremy Matthews, CEO of Panda Security Africa. “Implementing advanced technology capable of protecting against a multitude of threats, as well as having visibility and control of the network is critical,” continues Matthews.
For more in-depth analysis and insights, download the full report here.
Share