11 May 2015
NTT Innovation Institute announces the availability of the 2015 Global Threat Intelligence Report
NTT Innovation Institute (NTT I³) today announced the release of the 2015 NTT Global Threat Intelligence Report (GTIR). NTT i3 worked together with the NTT Group security companies to analyse the attacks, threats and trends from the previous year. Based on the analysis, NTT i3 has created an online digital Global Threat Intelligence Report that lets users grasp the threat landscape in an interactive manner. The resulting report combines an analysis of over six billion attacks observed in 2014 with an interactive data review and ongoing daily global threat visualisation.
The report is focused on the changing threat landscape and the quantifiable shifts over the past year that alter corporate risk, and require a re-evaluation of risk posture which requires organisational security transformation. Using this awareness, business and security leaders will be able to focus the security goals addressing the threat and security investment of their enterprises on the things that are most impacting their organizations. The report delves into a detailed analysis of the changing infiltration tactics, the commoditization of malicious capabilities spread of the threat and how the business of cybercrime is responding to successful defensive strategies with rapidly adapting tactics. Some of the key finding of the report include:
During 2014, 76% of identified vulnerabilities throughout all systems in the enterprise were more than 2 years old, and almost 9 percent of them were over 10 years old.
When vulnerabilities of medium risk (Common Vulnerability Scoring System) of 4.0 or higher are considered this highlights that even widespread scares such as Heartbleed and Shellshock have little long term effect on corporate risk management process and companies are still not effective at shedding their legacy vulnerabilities.
Across the world, an astounding 56% of attacks against the NTT global client base originated from IP addresses within the United States.
However, this is not due to the attackers being within the United States, but rather represents threat actors leveraging cheap cloud or vulnerable infrastructure within the US as an intermediary. This benefited the attacker by often being closer to their target and from more trusted geolocation.
Of the vulnerabilities discovered across enterprises worldwide, 17 of the top 20 exposed vulnerabilities resided within user systems and not on servers.
This risk represents a return to some of the roots of information security. The users and their wide range of mobile laptops are once again representing a return of risk that has largely been only lightly addressed by many organizations.
Threats against the end user are higher than ever, attacks show a clear and continuing shift towards success in compromising the end point.
During every week of 2014, there was a measureable drop in detected attacks on weekends and holidays when workers are not in the office. On weekends and holidays, the workers are not in the office and end-user systems are either turned off, or not being used. This major drop in weekend attacks demonstrates that organizational controls are detecting security events related to end users.
Distributed Denial of Service (DDoS) attacks changed in nature with a massive shift towards amplification attacks using Universal Datagram Protocol (UDP) protocols and this accounted for 63% of all DDoS attacks observed by NTT Group.
Network Time Protocol (NTP), Simple Service Discovery Protocol (SSDP) and Domain Name Service (DNS) were used in the vast majority of all DDoS attacks. Many of these attacks come from subverting exposed services in consumer based services (such as home Internet routers) to create DDOS traffic.
Attacks against Business & Professional Services increased from 9% to 15%
The attacks increased by more than 50% year on year and are the result of the risks inherited through business-to-business relationships. The likely implication is that this sector is generally softer, but high value targets for attackers.
This year’s report speaks to these issues and many others that occurred over 2014. It also focuses on how organisations can address the security challenges they represent through detailed analysis, remediation strategies, interactive infographics, and case studies applicable to small, medium and large enterprises around the globe.
The report was developed using NTT’s Global Threat Intelligence attack data from the NTT Group companies, including Solutionary, NTT Com Security, Dimension Data, NTT Data, NTT R&D and NTT Innovation Institute, Inc.
The key findings in the 2015 Global Threat Intelligence Report are a result of the analysis of approximately six billion worldwide verified attacks during 2014. The data for this report was collected from 16 Security Operations Centres (SOC) and seven R&D centres, and supported by the thousands of NTT security specialists, professionals and researchers from around the world.
About Dimension Data Founded in 1983, Dimension Data plc is an ICT services and solutions provider that uses its technology expertise, global service delivery capability, and entrepreneurial spirit to accelerate the business ambitions of its clients. Dimension Data is a member of the NTT Group. Visit us at Facebook and LinkedIn, or follow us on Twitter
About Dimension Data
Dimension Data uses the power of technology to help organisations achieve great things in the digital era. As a member of the NTT Group, we accelerate our clients’ ambitions through digital infrastructure, hybrid cloud, workspaces for tomorrow, and cybersecurity. With a turnover of USD 7.5 billion, offices in 52 countries, and 30,000 employees, we deliver wherever our clients are, at every stage of their technology journey. We’re proud to be the Official Technology Partner of Amaury Sport Organisation, which owns the Tour de France, and the title partner of the cycling team, Team Dimension Data for Qhubeka. Visit us at http://www2.dimensiondata.com/
Download press release