Annual report exposes threat campaign, examines shifts in attacker tools, tactics and processes
Forcepoint has released the Forcepoint 2016 Global Threat Report, detailing some of the latest evolving threats, gathered from more than three billion data points per day in 155 countries around the world.
This year’s report analyses the impact of:
- A brand new botnet campaign that Forcepoint is calling “Jaku” that was discovered as a result of a 6-month investigation by Forcepoint’s Special Investigations (SI) team
- A new crop of opportunistic ransomware, anti-malware tools and issues caused by the ever-dissolving perimeter that are posing serious challenges to cybersecurity professionals and the organisations they aim to protect
- Increases in data breaches caused by both malicious and “accidental” insiders
- Inconsistent security controls between cloud providers and businesses, which are complicating data protection
- The continuing convergence of email and web attack vectors as nine out of ten unwanted emails contain one or more URLs and millions of malicious macros are being sent
“The rapid evolution of the cyber threat environment has consequences that are much broader than just technical, operational, and financial – they can impact every piece of a business,” said Forcepoint Chief Scientist Dr. Richard Ford. “With this Threat Report, we want to demystify these threats and help enable businesses with tools, recommendations and, quite simply, knowledge, so they can continue to move forward without fear.”
The Forcepoint 2016 Global Threat Report details multiple behavioural and technique-based trends and provides guidance on today’s most impactful threats to assist security professionals in planning their cybersecurity defence strategy.
Top findings include:
- Malicious content in email increased 250% compared to 2014, driven largely by malware and ransomware
- The United States hosts more phishing websites than all others countries combined
- Ransomware focus is sharpening, targeting countries, economies and industries where a high ransom is more likely to be paid
- “Insiders” – malicious and accidental – represent the biggest threat to company security and the one for which businesses feel least prepared
- Advanced evasion techniques are gaining in popularity and are combining multiple evasion methods, such as IP fragmentation and TCP segmentation, to create new ways to bypass access controls, attack watering holes and disguise traffic
The Forcepoint 2016 Global Threat Report data was collected and evaluated using the Threatseeker® Intelligence Cloud, working behind-the-scenes 24x7x365 to provide Forcepoint visibility into the very latest threats. The Forcepoint team provided expert interpretation, with researchers and engineers in Europe, the Middle East, Asia and North America performing interviews and investigations that examined attack activity and its impact across the full Kill Chain.
To download the Forcepoint 2016 Global Threat Report, visit www.forcepoint.com/threatreport. For ongoing research updates, be sure to follow the Forcepoint Security Labs blog at https://blogs.forcepoint.com/security-labs.
Forcepoint’s portfolio of products safeguards users, data and networks against the most determined adversaries, from accidental or malicious insider threats to outside attacks, across the entire threat lifecycle. Forcepoint protects data everywhere – in the cloud, on the road, in the office – simplifying compliance and enabling better decision-making and more efficient security. Forcepoint empowers organisations to concentrate on what’s most important to them while automating routine security tasks. More than 20,000 organisations around the world rely on Forcepoint. Based in Austin, Texas, with worldwide sales, service, security laboratories and product development, Forcepoint is a joint venture of Raytheon Company and Vista Equity Partners. For more about Forcepoint, visit www.Forcepoint.com and follow us on Twitter at @ForcepointSec.