
Cyber threats hide in plain sight


The findings are based on analysis of traffic data collected from 5,500 network assessments and billions of threat logs over a 12-month span. The report provides the industry’s most detailed assessment of the relationship between advanced cyber threats and the applications running on enterprise networks worldwide.

The Application Usage And Threat Report provides an analysis of applications and their link to cyber threats within the enterprise. The report summarises network traffic assessments performed worldwide in more than 5,500 organisations where 2,100 applications, 16,000 unique threats and billions of threat logs were observed.

Key takeaways:

  • Common sharing applications such as e-mail, social media, and video remain favored vehicles for delivering attacks but are often the start of multi-phased attacks rather than the focus of threat activity.
  • 99 percent of all malware logs were generated by a single threat using UDP; attackers also use applications like FTP, RDP, SSL, and NetBIOS to mask their activities.
  • 34 percent of applications observed can use SSL encryption; many network administrators are unaware of which applications on their networks use unpatched versions of OpenSSL, which can leave them exposed to vulnerabilities such as Heartbleed.

“Our research shows an inextricable link between commonly-used enterprise applications and cyber threats. Most significant network breaches start with an application such as e-mail delivering an exploit. Then, once on the network, attackers use other applications or services to continue their malicious activity – in essence, hiding in plain sight. Knowing how cyber criminals exploit applications will help enterprises make more informed decisions when it comes to protecting their organisations from attacks.”

In addition to the findings, the report includes actionable intelligence that security teams can use to better protect their networks, such as:

  • Deploy a balanced safe enablement policy for common sharing applications – key to the success of this recommendation is documentation of the policies, education of users, and periodically updating the policy.
  • Effectively control unknown traffic – every network has unknown traffic: small in volume, averaging only 10 percent of the bandwidth we observed, but high in risk. Controlling unknown UDP/TCP will quickly eliminate a significant volume of malware.
  • Determine and selectively decrypt applications that use SSL – selective decryption, in conjunction with enablement policies outlined above, can help businesses uncover and eliminate potential hiding places for cyber threats.
