Fortinet unveiled its new Cyber Threat Assessment Program (CTAP) designed to provide organizations with a detailed look into the type and amount of cyber threats posing risks to their networks, yet are going undetected by their existing security solutions. This new offering is part of a broader effort by Fortinet and its FortiGuard Labs threat research team to integrate risk and advisory capabilities with its end-to-end security platform to provide customers greater insight into dynamically changing cyber risks that threaten their businesses.
Social Media and Application Control are Weak Points; Financial Services Institutions Most Highly Targeted
Hundreds of Fortinet enterprise customers and prospects in the US have tried out CTAP in the last four months and key findings from an analysis report unveiled today reveal that:
- Enterprises of every size and vertical continue to face a constant and consistently hostile threat landscape, with more than 32.14 million attempted attacks on these networks. Headline-generating malware such as Conficker, Nemucod and ZeroAccess have made significant efforts to rebuild and infect machines − 5,230 instances of Conficker, followed by 4,220 instances of Nemucod and 3,210 instances of ZeroAccess were found.
- Social media and multimedia streaming activities account for 25.65% of all network traffic, exposing corporate systems and sensitive data to risks of infection from drive-by downloads, social engineering and malvertising. Facebook is the most dominant social media site representing 47.27% of all social media traffic, with YouTube contributing to 42.29% of streamed content.
- Application control appears to be a continual challenge for administrators. A significant amount of peer-to-peer traffic, primarily Bittorrent and gaming activity, opens the network to malicious content that piggybacks on top of applications and files downloaded through these popular sites. Enterprises should exercise caution when building application control policies on their networks.
- Due to the lucrative financial data obtained when these networks are successfully infiltrated, banking and finance organizations are disproportionately targeted with 44.6% of all malicious activity. Hackers rely on high-velocity attacks and target financial institutions with sophisticated trojans and land-and-expand attack strategies to infiltrate and persist within the network.