New Bromium Labs Threat Report

Threat Report

The semi-annual Bromium Labs Threat Report has just been released providing an analysis of cyber-attacks and threats which have struck enterprise security in the last six months. It’s found an eruption of ransomware usage as well as an increase in app, browser, and plug-in vulnerabilities and notes that while Microsoft strengthens security, nefarious forces are changing tack and concentrating on ‘drive-by download attacks.’

Significant Conclusions

Though it’s clear that criminals are working harder than ever to get their hands on protected data, it’s not all bad news. Bromium Labs Threat Report also notes that although the amount of Vulnerabilities is constantly rising, they aren’t all being exploited. Unfortunately, there have been several high-profile data breaches and ransomware attacks of late, leaving enterprise security in a somewhat precarious position. Commenting exclusively to CloudTweaks, Bromium EVP and Chief Security Architect, Rahul Kashyap, states, “We’re only halfway through 2016, and our analysis shows numbers of vulnerabilities surpassing 2015 rates. But at the same time, there are less exploits across the board with the exception of Flash, which continues to have high ROI for hackers. Security is improving, but old attack techniques like phishing and watering hole attacks are still plaguing enterprises. It goes without question that we can expect attackers to evolve in response to heightened security. We need isolation and instant protection to secure our networks and data.”

Specific discoveries by Bromium Labs include:

  • A rise in vulnerabilities, with 516 reported to the National Vulnerability Database in the first half of 2016, as compared to 403 vulnerabilities reported over all of 2015.
  • Fewer exploitable vulnerabilities in popular software systems than in previous years, potentially due to the additional attention software vendors’ are giving to security.
  • Adobe Flash had 31 exploits in the first half of 2016, up from eight in 2016, resulting in some security vendors blocking or ending support for Flash. Regrettably from a security standpoint, Flash remains popular with end users and so continues to be a top target for criminals.
  • The most used exploit kits include Neutrino and Rig, though Angler and Nuclear kits also featured but disappeared in early June possibly due to crackdowns on cybercrime groups.
  • Since the beginning of 2016, many new ransomware families have been circulated, the current leader being Locky with 755 tracked instances infecting RAM disks and removable drives.

locky-report

Tackling the Threats

Though the dangers are becoming more sophisticated and insidious, Kashyap believes real efforts are being made to secure networks and IT infrastructure. “As an industry, we’ve always said there’s no one silver bullet to address the complexities of attacks that are affecting our business. However, our latest research shows that enterprises and vendors alike are stepping up to do a better at securing their networks and data. But there’s still work to be done.” It’s expected that over the next 12 months social engineering tactics will continually be exploited by attackers, and “instant protection, detection, and remediation is more critical than ever.”

Bromium Labs finds most AV vendors are executing multiple updates per day in an attempt to keep up with machine timescale attacks but with new Malware observable for less than 60 seconds before it transforms into a victim-specific variant current malicious detection capabilities are found to be lacking. It’s suggested the best strategy is a dramatic reduction of the attack surface, isolating attacks and limiting possible danger and spread. Taking a new approach, Bromium’s unique micro-visualization technology is advancing endpoint security and their solution automatically isolates each user-task in a lightweight, CPU-enforced micro-VM. For all of Bromium Labs security insights and judgements, download the full Bromium Lab Threats Report.

By Jennifer Klostermann

Matt Holleran

Cloud Marketplaces Give Startups A Leg Up – Part 2

Cloud Marketplaces In my last post, Cloud Platforms, Marketplaces, and Startups Part One, I examined the proliferation of partner ecosystems within the cloud software business, beginning with Salesforce AppExchange. Here, we’ll look at how startups ...
Big Data Explosion

Developing Machine Learning-based Approach for Optimizing Virtual Agent (VA) Training

Optimizing Virtual Agent (VA) Training Achieve NLU model’s precision, recall & accuracy up to 78% The success of any Virtual Agent (VA) depends on the training of its Natural Language Understanding (NLU) model prior to ...
Trust Report

Profit-Driving Strategies for 2020, Backed by Data

Profit-Driving Strategies Since 2019 is coming to a close, the time has come for businesses to evaluate what they can do to propel profits in 2020. The vast array of possibilities can make an enterprise's ...
New York

From Y2K To NYC Parking Meters: Have We Learned Anything About Complacency In Cybersecurity?

Cybersecurity Complacency This past January – in what seems like a different world now – a story briefly hit the headlines and was seen as more of a quirk than a threat. It was soon ...
Al Castle E911

Businesses Need E911 for Remote Employees

E911 for Remote Employees Remote working is no longer a luxury or a distant possibility – it’s the norm for enterprises around the world. The “trend” of telecommuting is not new; for example, the number ...
Anita Raj

The Criticality of Data Governance in a Multi-cloud Environment

The Criticality of Data Governance Multi-cloud has emerged as an enterprise favorite in almost no time.  In fact, Security Boulevard  makes a reference to a Forrester Research Report which confirms that almost 86 percent of ...