Story image

The many 'interesting' threat trends in A/NZ and around the world

01 Nov 2016

Fortinet’s global security strategist Derek Manky recently visited both Australia and New Zealand to talk all things cyber security. 

He heads up the activities of more than 200 full-time threat researchers at seven FortiGuard Labs around the world, streamlining mitigation advice and threat forecasts.

Whilst down under, Manky revealed some of the top threat trends that are popping up around the world right now.

"What we have seen recently and over the course of 2016 has been interesting, ranging from large scale DDoS attacks on well-known sites/infrastructure, different Ransomware emerging, to changing landscape on exploit kits,” he says.

Manky explains that the recent attack on DYN DNS infrastructure utilises the scale and power of IOT devices, by using Mirai botnet on headless devices.

“This is in line with the FortiGuard threat predictions we made with M2M(Machine to Machine) attacks and headless worm prediction at start of 2016,” he says.

For Australia and New Zealand, Manky says there are some interesting trends.

He explains that around 100 A/NZ companies took part in a recent Fortinet survey. Of those numbers, more than half have detected malicious website attempt.

Healthcare in A/NZ is also seen to have been hit with the Nemucod malware family which is known to download Ransomware to victims. 

For those organisations looking to protect against future threats, Manky suggests to invest wisely in infrastructure.  

“A lot of threat vectors along the kill chain haven’t changed, such as DDoS, phishing attacks that leverages off social hot topics, mobile and app security etc,” he says.

“Enterprises have to evaluate wisely where they should invest their money on to get the best return.  The concept of ‘zero trust’ is not new, which leads to protection of ‘East-West’ traffic within Software Defined Datacenter, the use of public cloud such as Azure/AWS and how to secure them has also become quite an important topic also.

Threat Intel is also a hot emerging topic, which is commonly defined at information received which you can use react in a timely manner to malicious activities targeted towards you or your organisation.”

Manky explains that Fortinet quite often sees organisations becoming interested in exploring how they can use TI to strengthen their security posture, such as verticalised information, or purchasing TIP (Threat Intel Platforms) such a SIEM which has capacity to consume different feeds.

“Going forward we can see industry format on threat intel merging (such as STIX) and more enterprise consuming threat feeds from different sources at a strategic, tactical and operational level.”

New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.