Cybersecurity Research: Web-Based Attack Trends Extend Beyond Ransomware

Credit: Getty Images

No doubt, many cybercriminals leverage malware, phishing and ransomware attacks to target organizations. But how is the attack landscape evolving? New research from network security solutions provider WatchGuard Technologies provides some answers.

The WatchGuard "Internet Security Report" indicated ransomware attacks through phishing emails and malicious websites reigned supreme in the fourth quarter of 2016. In addition, the report showed cybercriminals increasingly targeted banks and healthcare organizations and nation-states continued to launch sophisticated cyberattacks against one another during the time frame.

Internet Security Trends in 4Q16

WatchGuard identified several internet security trends in 4Q16, including:

  • All of the top network exploits were web-based attacks that either targeted a web server (or other network services offered via web-based portals) or web clients.
  • Most the top network exploits targeted web browsers in drive-by attacks.
  • Most of the top web and email threats were JavaScript-based downloaders.

The current internet security landscape is "greatly varied, fast-moving and very dangerous," WatchGuard wrote in its report. Although there is no "silver-bullet defense" against cyberattacks, organizations that understand internet security trends can find the right combination of layered security and human policy to minimize risk, WatchGuard noted.

Defense Strategies to Consider

WatchGuard offered the following defense strategies to help organizations combat cyberattacks:

  1. Develop internet security best practices. Traditional internet security options like antivirus solutions and firewalls are insufficient for today's organizations. Instead, organizations need modern security controls to stop advanced cyberattacks.
  2. Use a layered kill chain defense. A layered kill chain defense represents one of the best ways to protect an organization against all of a cyberattack's vectors and stages. With a kill chain defense, an organization can use multiple security layers to manage different attack stages.
  3. Teach end users about internet security trends. Internet security product and service users who make mistakes may put an organization in danger. Understanding the latest internet security trends and teaching end users about them may help an organization address cyberthreats quickly.
  4. Use an advanced malware protection solution. 30 percent of malware blocked by WatchGuard in 4Q16 was undetected by a legacy, signature-based antivirus solution, according to the company. Meanwhile, an advanced malware protection solution enables an organization to monitor malware proactively.

More Cybersecurity Tips

Organizations should learn about classic cyberthreats and attack techniques and advanced internet security risks, WatchGuard stated. By doing so, organizations will be able to identify and resolve internet security dangers consistently.

"We see continued growth and utilization of classic threats and attack techniques. On the other hand, we also see more advanced threat actors reviving these classics with new obfuscation techniques, better delivery mechanisms and by targeting new victims and attack surfaces," WatchGuard wrote in its report.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.