Software security flaws — including those with available fixes that haven’t been applied — and human behavior continue to be the top sources of network vulnerabilities, according to a new report from Keysight Technologies’ Ixia group.
In its third annual security report, Ixia’s Application and
Threat Intelligence Research Center (a legacy of Ixia’s 2012 acquisition of BreakingPoint, which established ATI in 2005)) said that “poor cyber hygiene continues to persist year after year,” including the use of default login and password credentials; and that attacks that date back as far as 2009 remain effective because vulnerabilities are either unpatched or because patches aren’t available for legacy systems.
“Software security flaws contributed to a record number of security incidents in 2018. We saw more new devices than ever before, but we also saw more devices designed and deployed without proper measures to stop, or even limit, threats,” Ixia said.
Phishing that exploits human behavior continues to be a reliable first step toward compromising network systems, Ixia found, noting that “a well-crafted and well-timed phishing attempt can confuse even the most tech-savvy expert into making a mistake that leads to a network compromise.” The company said that it detected 662,618 phishing pages in the wild, and 8,546,295 pages hosting or infected by malware.
In addition, Ixia said, the “good intention” of sharing products’ points of vulnerability “actually led to more attacks.”
“Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018. Misconfigured security and access policies were also a major source of data breaches in 2018,” said Steve McGregory, senior director, Ixia Application and Threat Intelligence, Keysight Technologies, in a statement. Those misconfigurations were often associated with public cloud architectures, which offered up a vector for new attacks, the report noted.
“Network and application complexity pose serious security threats and create new vulnerabilities every day,” McGregory continued. “Hackers continue to leverage the complexity as well as existing vulnerabilities and misconfigurations to their advantage. It has never been more important for organizations to take a proactive approach to identify and mitigate such flaws as thoroughly as possible.”
In the report, Ixia lays out six predictions for network security trends this year. These include:
- Abuse of “low-value endpoints” — aka, internet of things devices, which were targeted in attacks like Mirai — will escalate. “With more devices connecting to the internet every day, the number of targets continues to increase — and so will the number of victims,” Ixia said.
- “Brute-force attacks” on public-facing systems and resources will increase.
- Phishing will continue to evolve.
- Multiphase attacks that use “lateral movement and internal traffic” will increase.
- Crypto mining or cryptojacking attacks, in which devices are infected with crypto-mining malware, will increase.
- Cloud architectures will continue to create complexity which increases points of vulnerability.
The “unavoidable truth”, Ixia concluded, is that the complexity of modern networks and applications pose serious security risks.
“Complexity continues to grow within enterprise and service provider IT environments,” the company said in the report. “This growing complexity
is creating new security vulnerabilities every day. Thwarting security attacks starts with a continuous commitment to security best practices. Tools augment your ability to mitigate threats, but only security best practices can prevent them.”