Posts Tagged :

EMEA

Half of all phishing attacks originate from EMEA

960 719 Stuart O'Brien

A report published by NTT Security has revealed that over half (53%) of the world’s phishing attacks originated from Europe, the Middle East and Africa (EMEA).

The Global Threat Intelligence Report (GTIR) analysed global threat trends from 1st October 2015 – 31st September 2016 and showed that of all phishing attacks worldwide, 38% came from the Netherlands, second only to the US (41%).

The data also revealed that nearly three-quarters (73%) of all malware globally was delivered to its victims because of a phishing attack.

The report highlights the latest ransomware, phishing and DDoS attack tends and the impact of these threats against organisations, with the UK the third most common source of attacks against EMEA, behind the US at 26% and France 11%.

In terms of top attack source countries, the US accounted for 63% with the UK following at 4% and China 3%.

Some of the biggest regional differences related to brute force attacks, which are commonly used to crack passwords. Of all brute force attacks globally, 45 per cent started in EMEA – more than the Americas (20 per cent) and Asia (7 per cent) combined. In addition, 45 per cent of brute force attacks that targeted EMEA customers also started in the region.

Dave Polton, Global Director of Innovation at NTT Security, is calling for more active collaboration between business, government and law enforcement agencies to tackle global threats and to ensure measures are in place that will have a long-lasting impact on global security.

“While phishing attacks affected organisations everywhere, EMEA unfortunately emerged as the top region for the source of these attacks,” said Polton. “These figures, combined with those for brute force attacks, should be of very serious concern for any organisation doing business in EMEA, especially with the EU General Data Protection Regulation (GDPR) just around the corner.

“Any organisation processing data belonging to EU citizens need to demonstrate that their information security strategy is robust.”

Other key EMEA figures:

In EMEA, over half (54%) of all attacks were targeted at just three industry sectors – Finance (20%), Manufacturing (17%) and Retail (17%)

Over 67% of malware detected within EMEA was some form of Trojan

Top services used in attacks against EMEA – File shares (45%), Websites (32%) and Remote administration (17%)

Frank Brandenburg, COO and Regional CEO, NTT Security, concludes: “We all know that no security plan is guaranteed, and there will always be some level of exposure, but defining an acceptable level of risk is important. Clients are starting to understand that by default every employee is part of their organisation’s security team, and businesses are now seeing the value in security awareness training, knowing that educating the end user is directly connected to securing their enterprise.

“Expanding cyber education and ensuring employees adhere to a common methodology, set of practices, and mind set are key elements. Clients see that assisting and coaching their employees (end users) on the proper usage of technology will only enhance the organisation’s overall security presence.”

www.nttsecurity.com

Guest Blog, Adrian Crawley: Transforming security skills for a changing industry landscape…

800 450 Jack Wynn

Talk to any security specialist and they will tell you that, today, the number of different security attacks they potentially face is overwhelming. It’s the direct result of two trends. Firstly, professional hackers have become more sophisticated in their approach using automated attacks, whereby robots are used to launch very advanced persistent attacks, and secondly, the new wave of ‘off the shelf’ hacks that can be bought for as little as £20 are able to cause untold damage to a network. 

Of course, Bots aren’t new, but this year alone the industry has seen an extraordinary rise in their use, posing a big question to company security experts – can we cope? And the simple answer is no. Trying to respond to bots and make complex decisions quickly enough is something the human brain is simply not equipped to deal with; nor is it capable of managing high intensity attacks for days on end.

In response, more and more companies are employing good bots to fight back in a bid to move their security experts from the front line to more strategic development roles.

Strategy is such a fundamental part of security today. No longer is it possible to react on the spot; you need to anticipate the threats and stay ahead. Plus, it needs to be done in line with the overall company strategy and in conjunction with suppliers.

Suppliers are often overlooked, but today skills need to extend beyond your organisation and ensure that your internet service provider (ISP) for example won’t be the ‘cyber domino’ that takes you down. ISPs are one of the most targeted facilities because they are an easy route to attacking hundreds of companies at a time – attack once, damage many. The development of contracts that cover this risk is common practice and should not be underestimated.

In terms of company strategy, if you are moving to an internet of things model, or have ambitious plans to expand market share, your networks, and your partners’ networks, this will inevitably need to change and be able to manage a new level of demand to ensure consistent delivery and a great customer experience.

That’s why finding the tools that will always detect and mitigate the risks is an essential part of network and application delivery today. However, it’s also a necessity to know what the risks will be; they change so rapidly and it can be an impossible task to monitor the risks when you already have other responsibilities.

It’s thought that more than 20 per cent of companies are now turning to ex-hackers for help (37 per cent say they are considering it). As risky as it may sound, many IT directors have identified that they are able to tap into sources in the ‘darker’ web and listen into conversations that are happening between individual hackers, and organised groups. They are also able to spot the malicious technology developments and even tell you the next target, well before they hit.

As I say, for security professionals that have built a reputable career, this whole approach can seem an oxymoron. Why potentially cultivate an enemy within? It’s therefore important to have the right checks and balances, and day-to-day management skills in place to ensure conduct is above board at all times. Or indeed, assess if a security partner who employs the skill is a better option.

Whatever path you choose, the future will be constantly changing, and when security attacks are a question of when not if, every company needs a plan in place. How they are shaped will be down to the organisation and the sector it operates in, but understanding how technology and skill are blended will be an essential part of a successful strategy.

Adrian Crawley is responsible for the Northern EMEA region at Radware, specialising in network and application security. He oversees the cyber security for international brands as well as medium sized enterprises in a mix of sectors including finance and insurance, retail, utility, public sector and telcos and ISPs. 

Majority of organisations ‘victimised’ by cyber-attacks, new research claims…

800 450 Jack Wynn

A joint study carried out by the technology leader in application networking, A10 Networks and in partnership with the Ponemon Institute has found that the high risk of cyber-attacks to financial services, healthcare and other industries stems from the growing reliance on encryption technology.

The study, ‘Hidden Threats in Encrypted Traffic: A Study of North America & EMEA’, surveyed 1,023 IT security practitioners in Europe and North America, highlighting the increasing challenges these professionals face in the fight to prevent and detect attacks on encrypted traffic in and out of their organisations’ networks.

Nearly half of respondents (47 per cent) cited a lack of enabling security tools as the primary reason for not inspecting decrypted web traffic; closely followed by 45 per cent stating insufficient resources and degradation of network performance. However, 80 per cent claimed their organisations have previously been victims of cyber-attacks during the last 12 months, and nearly half say that the attackers used encryption to evade detection.

Director of cyber operations at A10 Networks, Dr. Chase Cunningham, said: “IT decision makers need to think more strategically. The bad guys are looking for ROI just like the good guys, and they don’t want to work too hard to get it. Instead of focusing on doing everything right 100 percent of the time, IT leaders can be more effective by doing a few things very strategically with the best technology available. It’s the cyber security equivalent of the zombie marathon — as long as you can avoid being the slowest in outrunning the zombies, you minimise risk.”

Although the study pinpoints that 75 per cent of survey respondents say their networks are at risk from malware hidden inside encrypted traffic, an estimated two-thirds admitted their company is ‘unprepared’ to detect malicious SSL traffic; leaving them vulnerable to costly data breaches and the loss of intellectual property.

Malwarebytes and Wick Hill partner to expand growing EU presence…

900 600 Jack Wynn

The advanced malware prevention and remediation provider, Malwarebytes, has announced a partnership with Wick Hill to become a pan-European value-added distributor specialising in security; agreeing to support Malwarebytes with its growing presence on the continent as well as its continued strategy to expand through ‘channel relationships’.

Both parties will work together to provide Malwarebytes’ advanced endpoint protection and remediation services and capabilities — such as ‘Endpoint Security’ and ‘Breach Remediation’ — for organisations to resellers in areas including the UK, the Nordics and France as part of a two-tier distribution model.

Vice president, sales EMEA at Malwarebytes, Anthony O’Mara, said: “Given the ever advancing threat landscape, the possibility of suffering a security breach has never been higher. Our proven ability to quickly detect and remediate these threats means our products are in higher demand than ever.  Wick Hill is an ideal partner for us and the company also operates an enviable range of partner support services and has a track record of helping vendors expand their reseller base and grow sales. As part of Rigby Private Equity (RPE), Wick Hill also has access to an established network of resellers across EMEA, and we will be taking advantage of that to grow our presence even further in the future.”