Results of SANS Institute 2017 Threat Landscape survey paints users and endpoints as primary targets, and part of the solution
Security professionals rated phishing (72%), spyware (50%) and ransomware (49%) as top threats
37% of security professionals indicated that calls to the help desk enabled them to discover their most impactful threats
According to results of a new survey on today’s threat landscape, to be released by SANS Institute on Tuesday 15 August, both users and their endpoint devices are the primary target for cyber criminals in 21st century security battles.
The survey questioned security and IT professionals globally on the threats their organisations face today. Phishing (72%), spyware (50%), ransomware (49%) and Trojans (47%) were named the threats most seen by respondents’ organisations, demonstrating how cyber criminals continue to target individual employees within businesses to gain access to sensitive information. When it comes to impact, phishing causes the most damage, and 40% of survey respondents experienced phishing attacks, including spearphishing and whaling in the last year.
“Users and their endpoints are still in the cross hairs,” says Lee Neely, SANS Analyst, Mentor Instructor and author of the survey report. “Traditional and malware-less threats keep popping up at every corner, making our jobs as defenders resemble an ongoing game of Whack-a-Mole to keep them at bay.”
Malware-less threats are ever-present; almost one-third of respondents have experienced a malware-less threat entering their organisation, impacting IT systems and adding to IT staff workload. These attacks are more difficult to find because they can’t be detected by signature-based technologies. Scripting attacks were the most common malware-less incident, while credential compromise or privilege escalation caused the most impact.
Few of the threats were new zero-day threats, on the other hand, with 76% of security professionals admitting that under 10% of the significant threats they saw were zero-day.
“Today’s threats predominately leverage the same old vulnerabilities and techniques,” added Neely. “The time is ripe to change our protections as well as remediation processes to stem the tide of successful threat vectors.”
But it’s not all doom and gloom. While users are the primary target of these attacks, it’s the users themselves that are also part of the solution. In the survey, 37% of respondents indicated that calls to the help desk helped them discover the most impactful threats. User training, improved operational security practices and improved visibility into network and endpoint behavior were all cited as the top measures to improve threat prevention success.
The full results of the 2017 Threat Landscape survey will be shared during a webcast on Tuesday, August 15 at 1 PM EDT, sponsored by Cylance, FireEye, McAfee, and Qualys, and hosted by SANS. Register to attend the webcast at www.sans.org/u/uGU
Those who register for the webcast will also receive access to the published results paper developed by SANS Analyst and network security expert, Lee Neely.