Cybersecurity has never been more of a mainstream concern than right now. Consider the breaches at major retail outlets, Apple’s vulnerability in its iOS platform, Yahoo’s recent malvertising attack, or how a breach at the University of Maryland gets a mention on NPR’s game show, Wait, Wait Don’t Tell Me.
Fortinet just released its 2014 Threat Landscape report, and I don’t think it could have come out at a better time. As we are inundated with news stories that tend to focus on sensationalism, the report provides a more realistic picture of what the threat landscape actually looks like right now.
The worst IT security problems probably aren’t too surprising: mobile malware, advanced persistent threats keeping up a steady attack on government and businesses, once dormant botnets that have returned to life, and the continuing rise of malware. But a surprising issue that the report identified was the startling amount of information theft. According to the report:
Information Security has trailed behind IT - often seen as an afterthought. Recent breaches of tens of millions of customers’ sensitive financial information has shed a new spotlight on security and the need for companies to build a comprehensive security posture to defend against the inevitable attacks on their systems.
The United States is a top target for malware infections, accounting for nearly 56 percent of total incidents in the top 10 countries most hit. Malware developers continue to take advantage of either our laziness or our gullibility with targeted attacks and phishing emails. There have been some changes in tactics to spread malware, though. According to the report:
2013 saw a year of cyclical change in the number of attempted attacks; as new exploits and tools were made available to the cyber underground, FortiGuard Labs saw a spike of incidents. Once these spikes were abated, we saw a brief lull in new infections, only to have another round of fresh attacks leveraging recently patched exploits and vulnerabilities.
Mobile malware, the report found, continues to target the Android platform, and it has picked up some serious steam over the last year. In early 2013, Fortinet saw 50,000 samples of Android-targeted malware per day. By the end of the year, that number jumped to 450,000 per day.
This is just a sample of what the threat landscape looks like today. It goes far deeper than the mainstream stories. Now the big question is: How prepared is your company to face these types of attacks?