Server-side exploits dominated cyber threat landscape in 2017

IANS
Thursday, February 8, 2018

During 2017, 76 per cent of the total exploits affected server-side applications, which is up 17 points when compared to 2016, a report by global cybersecurity firm Skybox Security said on Wednesday.

The "Vulnerability and Threat Trends Report" said that cyber criminals leveraged existing attack tools rather than developing new ones. Using the same attack, the criminals targeted as many victims dubbed as 'low-hanging fruits' as possible.

According to Ron Davidson, Skybox Security Chief Technology Officer, dealing with server-side vulnerabilities is always more difficult because the higher-value assets require more consideration.

"Organisations need to have the means to understand these server-side vulnerabilities in context of the asset criticality, the surrounding topology and security controls, and the exploit activity in the wild. Only then can they accurately decide the optimal patching priority and schedule," he said.

The increase in server-side exploits corresponds with the continued decline in the use of exploits kits relying on client-side vulnerabilities, which accounted for only a quarter of exploits in the wild last year, the report said.

"This does not mean that exploit kits are gone," added Marina Kidron, Senior Security Analyst and Group Leader of the Skybox Research Lab.

"We know that cybercriminals are constantly changing tactics so the next 'exploit kit giant' is very likely in development as we speak. We also suspect that some kits have 'gone private,' and are used exclusively by their developers in hopes of prolonging their viability," Kidron noted.

Instances of newly-published sample exploit code have also increased, with the monthly average jumping 60 per cent in 2017.

With minimal adjustments -- or none at all -- attackers can turn these samples into fully functioning exploits for their own use.

This scenario was the case with the "NSA Eternal Blue" exploit leaked by hacker group "The Shadow Brokers" and was used in the "WannaCrypt" and "Not Petya" cyber attacks, among others.

"Such leaks are putting advanced attack tools in the hands of lower-skilled cyber attackers, enhancing the capabilities of an already well-outfitted threat landscape," the report pointed out.

The report also said that in 2017, there was a 120 per cent increase in new vulnerabilities specific to operational technology (OT) compared to the previous year.

OT includes monitoring and control devices common in critical infrastructure organisations such as energy producers, utilities and manufacturers, among others.


Express your comment on this article

Submit your comments...
     
Disclaimer: The views expressed here are strictly personal and IndiansinKuwait.com does not hold any responsibility on them. We shall endeavour to upload/publish as many of the comments that are submitted as possible within a reasonable span of time, but we do not guarantee that all comments that are submitted will be uploaded/published. Messages that harass, abuse or threaten other members; have obscene, unlawful, defamatory, libellous, hateful, or otherwise objectionable content; or have spam, commercial or advertising content or links are liable to be removed by the editors. We also reserve the right to edit the comments that do get published. Please do not post any private information unless you want it to be available publicly.
Image

The Annual Homework

The scene at the Kuwait airport, though vaguely familiar, is refreshingly amusing around this time,

Image

Money transfer now more easy thanks to Al Mulla Exchange Mobile App – Mr. Praveen Singh

Sending our savings to India is very important for all of us. Best rate and immediate service is wh

Image

India - Global host of 2018 World Environment Day

India is the global host of 2018 World Environment Day which is taking place on June 5, 2018. The t

Image

Students should proactively indulge in co-curricular activities - Raghavi Vishwanath an alumni of FAIPS Kuwait

When youngsters reach a pinnacle it is always a pleasure to learn more about their lives and how th

Image

A thought for Ramadan

Sunday, the 13th of May, 2018 Festival greetings, Happy Sunday greetings Mother’s Day greetings

Image

Kuwait Cricket - A Sense of accomplishment: Herschelle Gibbs

In the recently concluded ICC World Twenty20 Asia Qualifiers ‘A’ , the Kuwait's national crick

Image

Raindrops - Usual and Unusual Stories of love by Dr. Navniit Gandhi

Dear Readers, Dr Navniit Gandhi has penned a collection of 19 true, usual and a little unusu

Image

Love is in air when he sings, Shahbaz Aman

What could be the appropriate adjective to describe this man; singer; composer; or an unusual embod

Image

Don’t Want a Day… Want a Deal!

I am a Woman and like me, there are countless other women out there who do not want Days to commemo

Image

My heart, my soul and all my sincerity is for this country – Ajiaz Ahmad Sarfaraz

“By serving this great country for more than three decades, I feel that the word ‘great’ fully appl

Image

True sense of Indian luxury at Asha’s Restaurant

Who doesn’t like a luxurious dine out once in a while with families and friends? What if it is coup

Image

Zafran Indian Bistro with innovative Indian Cuisines

Indian Cuisines are packed with interesting ingredients and enticing aromas that make it super deli

Image

New Menu at Zafran Puts Contemporary Spin on the Traditional

Fans of Zafran can rejoice as the popular Indian bistro launches a new menu this week. The front

Image

A nostalgic and delicious train journey in Kuwait at Kerala Express Restaurant

A train journey during our annual vacation in India is definitely a nostalgic experience for many o

Image

TransFast Cricket League Season-03 Grand Finals on Friday 17th August 2018

Another successful season of TransFast Cricket League with 48 teams in 2 Divisions & over 132 match

Image

GOA FC All-India Football Tournament Capxem Boys crowned Champions

A star studded Capxem Boys were crowned champions of the first edition All India 7-aside Football T

Image

Kiff League for Jp D’mello Trophy Indian Football League Final on Friday 29th June

The much awaited JP D’Mello Rolling Trophy KIFF League final for season 2017~18 will be played on 2

Image

22 Yards Cricket Academy Summer Camp For Cricket Coaching

22 Yards Cricket Academy, a professionally run Cricket coaching center having its 16th year of succ

Image

KCWA organized ‘Play on Indoor Sports’

Kuwait Canara Welfare Association (KCWA), for the first time organized an Indoor “Play on Sports” e