
Ransomware exploit kits pose huge risk for unpatched organisations

13 Oct 2016

Ransomware exploit kits are making it easier for attackers to target enterprises, because they're so simple to use and can target the never-ending supply of network vulnerabilities, a new blog from Trend Micro says.

18% of known ransomware families are being delivered through exploit kits, including 2013's CryptoLocker, Angler, Magnitude, Neutrino and Rig. With the stakes high, ransomware has already claimed US$209 million in demands, as well as causing data loss, damage to organisational reputation and legal fines. Trend Micro says that exploit kits require less user action and target vulnerabilities in popular software. These vulnerabilities can number in the hundreds. Trend Micro and the Zero Day Initiative have already discovered 473 vulnerabilities this year alone.

Trend Micro also says that vulnerabilities will always be present, particularly in organisations that use legacy systems or software. Zero-day vulnerabilities, which are able to escape detection, provide another hurdle for IT and security administrators.

The company believes that network protection is crucial, even if there are not yet security patches for zero-day exploits that have been embedded into kits.

Patch testing and keeping mission-critical systems online make it more difficult for organisations to keep on top of threats perpetrated by exploit kits, the company says. Patching can take 30 days or more, but is necessary for proper threat protection. Trend Micro states that Intrusion Protection Systems (IPS) are also critical for organisational protection, as they block exploits of zero-day and other vulnerabilities, even unpatched ones.

Trend Micro recommends that in addition to IPS, organisations leverage a 'connected' threat defence strategy. The defence should include threat intelligence, security updates, anti-malware protection, anti-spam, firewall protection and mobile protection.
