Nearly All Firms Are Unprepared For Next-gen Cyber-Attacks: Study

by CXOtoday News Desk    Apr 23, 2018

cyber attack

A new report has found that nearly all organizations are unprepared for fifth-generation cybersecurity threats, leaving them exposed to a new wave of malicious actors. Quoting the figure as 97 percent, the 2018 Security Report from Check Point Software Technologies that polled information technology security professionals worldwide across all industries about modern threats against various industries, encompassing health, manufacturing and government has come to this conclusion. [Read the full report here]

“We’re seeing a new generation of cyber-attacks – powered by leaked state-sponsored technology, these ‘Gen V’ attacks are multi-vector, fast-moving, and mega-scaled,” said Peter Alexander, Chief Marketing Officer of Check Point Software Technologies. “Despite this, 77 percent of CISOs expressed concern that their organizations aren’t equipped to handle these modern day attacks, and the vast majority of organizations’ security infrastructures are woefully outdated.”

The report further revealed that most organizations’ security is ten years and at least two generations behind the current 5th generation threat level underlining the worldwide, systemic Gen V vulnerability.

An interesting finding of the report was that every large company in the past year has experienced a mobile malware attack. The findings have also shown that even the most highly trusted app stores have weaknesses that are exploited on a regular basis and constantly offer malicious apps. The fifth generation of the cyber landscape gives criminals a wider attack surface and thus more opportunities to take advantage of it. In addition, new vulnerabilities, whether through Bluetooth or Wi-Fi, mean both organizations and consumers alike need to be aware of the risks mobile devices pose.

Of the key mobile Malwares that were prevalent in 2017 include CopyCat, the mobile malware that infected more than 14 million devices around the world, made millions of dollars by taking advantage of outdated devices with fake apps. It earned the hackers behind the campaign approximately $1.5 million in fake ad revenues in just two months. In addition, a new variant of Android Malware, dubbed ExpensiveWall, that registered mobile-device users for paid services without their permission was discovered in the Google Play Store. The malware had infiltrated the Google Play app store and infected at least 50 apps. The infected apps were downloaded between 1 million and 4.2 million times before Google removed them.

Also, a new cluster of malware samples which targets Samsung devices and Korean language speakers was discovered, including some found in Korean Bible apps. The Lazarus Group, allegedly backed by North Korea, is popularly believed to be behind the attack with the intention of specifically targeting the population of South Korea.

The report also found that every organization had suffered a mobile malware attack in the past year, with 89% experiencing at least one man-in-the-middle attack over a Wi-Fi network. In addition, 36 Android devices within just two companies of our survey sample contained malware which was pre-installed somewhere in the delivery chain. Some of the malware even had access to system privileges, meaning they could not be removed by the user and the device had to be re-flashed.

 “The report provides a clear overview of a threat landscape where 5th Generation cyberattacks are becoming more and more frequent,” said Doug Cahill, group director and senior cybersecurity analyst at market research firm Enterprise Strategy Group. “No public or private enterprise is immune; hospitals, city governments and global corporations are all at risk, yet 97% of all organizations are not equipped to deal with these Gen V mega attacks, and this needs to change.”