The many 'interesting' threat trends in A/NZ and around the world
Fortinet’s global security strategist Derek Manky recently visited both Australia and New Zealand to talk all things cyber security.
He heads up the activities of more than 200 full-time threat researchers at seven FortiGuard Labs around the world, streamlining mitigation advice and threat forecasts.
Whilst down under, Manky revealed some of the top threat trends that are popping up around the world right now.
"What we have seen recently and over the course of 2016 has been interesting, ranging from large scale DDoS attacks on well-known sites/infrastructure, different Ransomware emerging, to changing landscape on exploit kits,” he says.
Manky explains that the recent attack on DYN DNS infrastructure utilises the scale and power of IOT devices, by using Mirai botnet on headless devices.
“This is in line with the FortiGuard threat predictions we made with M2M(Machine to Machine) attacks and headless worm prediction at start of 2016,” he says.
For Australia and New Zealand, Manky says there are some interesting trends.
He explains that around 100 A/NZ companies took part in a recent Fortinet survey. Of those numbers, more than half have detected malicious website attempt.
Healthcare in A/NZ is also seen to have been hit with the Nemucod malware family which is known to download Ransomware to victims.
For those organisations looking to protect against future threats, Manky suggests to invest wisely in infrastructure.
“A lot of threat vectors along the kill chain haven’t changed, such as DDoS, phishing attacks that leverages off social hot topics, mobile and app security etc,” he says.
“Enterprises have to evaluate wisely where they should invest their money on to get the best return. The concept of ‘zero trust’ is not new, which leads to protection of ‘East-West’ traffic within Software Defined Datacenter, the use of public cloud such as Azure/AWS and how to secure them has also become quite an important topic also.
Threat Intel is also a hot emerging topic, which is commonly defined at information received which you can use react in a timely manner to malicious activities targeted towards you or your organisation.”
Manky explains that Fortinet quite often sees organisations becoming interested in exploring how they can use TI to strengthen their security posture, such as verticalised information, or purchasing TIP (Threat Intel Platforms) such a SIEM which has capacity to consume different feeds.
“Going forward we can see industry format on threat intel merging (such as STIX) and more enterprise consuming threat feeds from different sources at a strategic, tactical and operational level.”