TL;DR

What: Good cyber hygiene minimises chances of a breach

Ixia 2019 Security Report: Brute-force Attacks Still Well and Alive After 20 Years

Humans remain the weakest link in cybersecurity.

Ixia 2019 Security Report
Published:   |   Updated:   |   Posted in

… poor cybersecurity practices and misconfigurations contributed to most cases of cybersecurity breach.

Ixia, a technology company that provides testing, visibility, and security solutions, released the third annual Security Report.

The report revealed that poor cybersecurity practices and misconfigurations contributed to most cases of cybersecurity breach.

Here’s a summary of the report.

Ixia’s findings: Top 5 security threats observed in 2018

1: Software security cause the majority of product vulnerabilities

Buyers should research the common vulnerabilities database and confirm fixes with vendors before deploying new hardware or software upgrades.

Ixia found that software security flaws contributed to a record number of security incidents in 2018, especially for web applications.

Code sharing on coding sites, such as Stack Overflow, poses risks as well. Many answers on such sites have security vulnerabilities.

Recommendation

Buyers should research the common vulnerabilities database and confirm fixes with vendors before deploying new hardware or software upgrades. The CVE database can help customers gauge the security track record and response time of a vendor.

2: Humans are the weakest link

It only takes a single click on a malicious link to infect an entire infrastructure.

Even the most tech-savvy security expert can be confused by a well-crafted and well-timed phishing attempt. It only takes a single click on a malicious link to infect an entire infrastructure.

Recommendation

Technological aids or reminders can help reduce the probability of an attack. For example, an email program that highlights when an incoming email looks like potential spam or phishing, or when it is from an external entity, enables you to pay attention and carefully scrutinize the URLs contained in the email. Also, tools such as password managers enable computers to reinforce security and reduce incidents caused by human error.

3: Cyber hygiene is at an all-time low

Internet of Things (IoT) devices are particularly vulnerable to [brute-force] attacks.

Vulnerabilities remain exposed due to ignorance of the latest patches and challenges deploying frequent patches in a timely manner.

Brute-force attacks also increased with the growing popularity of electronic devices. Internet of Things (IoT) devices are particularly vulnerable to such attacks.

Recommendation

Keep your business secure by reviewing public exploit websites (like www.mitre.org) to see a list of common vulnerabilities and apply the recommended patches and architectural fixes.

4: Security vulnerability disclosures are a double-edged sword

Vulnerability reporting helps vendors and consumers identify security flaws, but it also informs hackers, who can react faster than vendors or enterprise IT.

Recommendation

Disclosing vulnerability and exploit information in closed communities can reduce risk and slow hackers down, giving application developers and enterprises an opportunity to patch defects before hackers create tools to exploit the vulnerabilities in the wild.

5: Crypto-jacking activity reached new peaks in 2018

Adding network visibility helps you see when someone or something is mining cryptocurrencies…

Crypto-miners take over infrastructure and create large networks dedicated to crypto mining. This method of monetisation is easier and less risky for hackers than to ransom or steal valuable data.

Recommendation

Adding network visibility helps you see when someone or something is mining cryptocurrencies, so you can curb such activities.

Ixia’s predictions: watchlist for 2019

  • Abuse of low-value endpoints will escalate.
  • Brute-force attacks on public-facing systems and resources will increase.
  • Cloud architectures create complexity that increases attack surfaces.
  • Phishing will continue to evolve.
  • Multiphase attacks that use lateral movement and internal traffic will increase.
  • Crypto mining/cryptojacking attacks will increase.

Download a copy of this report by Ixia.


Seen anything interesting? Tip us off.
Want to be seen and heard? Contribute or advertise with us.

Like what you read? Follow us on Facebook and LinkedIn to get the latest updates.

Get the latest updates right to your mailbox

We will not share your contact information
By registering, you agree to our T&C and Privacy Policy
I'd rather write how-to guides and stories than about myself, unless absolutely necessary. Also, ironically, I hardly write with a pen and paper.
>