Outdated Cyber Defence Puts Organisations At Risk, Says Webroot


Adapt or die. Outdated cyber defences are putting organisations at risk from constantly changing online threats

Legacy security solutions are being seamlessly bypassed by the new generation of malware and other online cyber nastiness.

That is the warning from security specialist Webroot in its 2018 Annual Threat Report, which said that organisations need to be more proactive in building up their defences and adopt a multi-layered approach.

It has been a busy time for the company. Earlier this week it revealed the discovery of a new module for the TrickBot banking trojan. This will allow the trojan to “lock” the victims machine (i.e ransomware) if it doesn’t find any online banking credentials it can exploit.

Outdated defences

Webroot’s annual threat report found that attackers are constantly attempt new ways to get around established defences.

Indeed, Webroot’s data gathered throughout 2017, shows that attacks such as ransomware are becoming a worldwide threat and are seamlessly bypassing legacy security solutions.

Attackers are able to do this relatively easily because organisations are neglecting to patch, update, or replace their current products. And it reinforces the need for organisations to deploy multi-layered defences that can utilise real-time threat intelligence.

Among the most notable findings in the report, is the fact cryptojacking is gaining traction as a profitable and anonymous attack that requires minimal effort. Webroot said that since September 2017, more than 5,000 websites have been compromised with JavaScript cryptocurrency miner CoinHive to mine Monero by hijacking site visitors’ CPU power.

Another finding is relatively good news for PC users (at least those using more modern machines). This is because according to Webroot data, Windows 10 is almost twice as safe as Windows 7.

But the problem here is that enterprise migration to this newer operating system is slow, as Webroot saw only 32 percent of corporate devices running Windows 10 by the end of 2017.

Another key finding in the Webroot report is that ransomware and its variants have become an even more serious threat, as new and reused ransomware variants had been distributed with a variety of purposes over the past year.

Webroot said that WannaCry and NotPetya had infected more than 200,000 machines in over 100 countries within just 24 hours for example.

Another interesting takeaway is that the fact Webroot is seeing that nearly a quarter of all new websites have some nasty intent.

It said that of the hundreds of thousands of new websites created each day in 2017, 25 percent of URLS were “deemed malicious, suspicious, or moderately risky.”

High-risk URLs fell into two major categories: malware sites (33 percent) and proxy avoidance and anonymizers (40 percent).

Another headache for IT management is that phishing attacks are becoming increasingly targeted, using social engineering and IP masking to achieve greater success.

Webroot found that on average, phishing sites were online from four to eight hours, meaning they were designed to evade traditional anti-phishing strategies. Only 62 domains were responsible for 90 percent of the phishing attacks observed in 2017, it said.

Mobile threats

And attackers are increasingly looking to exploit people’s smartphones. Webroot found that 32 percent of mobile apps were found to be malicious, although it didn’t break down which mobile OS was the most affected.

It did said that trojans continue to be the most prevalent form of malicious mobile apps (67 percent), followed by PUAs (20 percent).

“Over the past year, news headlines have revealed that attackers are becoming more aggressive and getting extremely creative,” said Hal Lonas, CTO at Webroot. “Cryptojacking made our threat report for the first time this year as an emerging threat that combines everything an attacker could want: anonymity, ease of deployment, low-risk, and high-reward.”

“Organisations need to use real-time threat intelligence to detect these types of emerging threats and stop attacks before they strike,” said Lonas.

Migrating to more secure operating systems such as Windows 10 will also help matters, as well updating cyber defences on a regular basis.

Do you know all about security? Try our quiz!