Out-Law News | 07 Sep 2017 | 10:20 am | 1 min. read
In its latest quarterly threat report, eSentire said that it detected a 14% rise in fraud threats during the three month period, which it said "comprised largely of phishing attacks".
Phishing attacks are aimed at tricking employees in an organisation into revealing private or sensitive information and are usually carried out by email, phone or text. Unusual sender details, poor spelling, unnecessary urgency, offers too good to be true, suspicious attachments, and strange subject lines are often signs of a phishing attempt.
"Phishing techniques have long been considered a reliable means of compromise," eSentire said in its report. "Costly development of exploits is not required when adversaries can simply lure a victim into clicking on a link or executing a malicious file. With the bar raised for [exploit kits] in terms of cost and reliability, expect phishing to continue its upward trend into Q3."
According to eSentire, its Security Operations Centre detected four million cyber attacks across industries between 1 April and 30 June this year. Biotechnology and technology companies experienced the "largest volume" of attacks per "active internet device" in their operation, while the largest volume of attacks overall were on financial services firms, it said.
The report said that attackers are continuing to target "dated vulnerabilities", including those associated with the so-called 'Shellshock' bug, and that there had also been an increase in the targeting of "server-side vulnerabilities".
"Successful server-side exploitation remains a rarity, indicating current patch regiments are largely effective against known vulnerabilities," eSentire said. "Gaps remain, however, particularly with newly disclosed critical vulnerabilities. In fact, eSentire threat intelligence observed successful exploitations of external web server four days after public disclosure of a vulnerability."
"Organisations should consider expediting deployment for critical patches, particularly for assets exposed to public networks. Regular scans of publicly facing infrastructure will assist in assessing exposure, allowing organisations to detect and address known vulnerabilities before the adversary does," it said.