Exploits Against Endpoints on the Rise: Results of the SANS Threat Landscape Survey

Bethesda, Md. – Exploits against endpoints are on the rise and the damage associated with such compromises is growing, according to results of a new survey to be released by SANS Institute on August 11, 2016.

In it, survey respondents indicated that impactful threats enter organizational infrastructures through a number of means: 75% said impactful threats had entered through email attachments, 46% said such threats also entered through users' browsers via malicious links, and 41% saw threats start at the browser with web drive-by downloads.

Such threats rely on the user and the security of his or her connected devices to initiate an attack, says SANS mentor instructor and survey author, Lee Neely.

"The perfect storm is upon us," says Neely, who teaches cyber security management and information security officer training at SANS. "Ransomware is on the rise, and its primary distribution mechanisms--phishing and web drive-bys--are at the top of the successful attack list."

Phishing, including spearphishing and whaling, combined with ransomware makes up the top significant-impact threats worldwide, with 68% indicating an increase in general phishing threats, 49% seeing an increase in ransomware, and 47% seeing increases in spearphishing and whaling (targeted phishing and phishing of company executives).

"Users and their endpoints are ground zero for the attackers trying to take over our systems and information," continues Neely. "The current threat landscape is showing the gaps in our defense mechanisms are ripe for exploit."

When asked how significant events got past their defenses, 48% of respondents indicated they were traced back to user error, 38% said they were caused by social engineering, and 37% attributed them to zero-day attacks. In addition, 39% of respondents reported that attacks evaded network security because their firewalls didn't detect the threat, and 37% said the same thing about their IDS/IPS systems.

"With the widespread adoption of mobile teleworkers and cloud-based services, the enterprise protection envelope needs to work beyond the perimeter to provide protections regardless of user or data location," concludes Neely. "It's time to move away from primary reliance on signature-based detection and move toward behavior-based threat detection and comprehensive whitelisting."

Full results will be shared during an August 11, 2016, webcast at 1 PM Eastern, sponsored by Check Point Technologies, Ltd, and hosted by SANS. Register to attend the webcast at www.sans.org/webcasts/102182

A second webcast on September 7 at 9:00 Eastern time addresses the results with a look at the European results. Register to attend this webcast at www.sans.org/webcasts/102037

Those who register for either of the webcasts will also receive access to the published results paper developed by SANS mentor instructor and survey author, Lee Neely.

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions world-wide. Renowned SANS instructors teach more than 60 courses at in-person and virtual cyber security training events and on demand. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system–the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (https://www.sans.org)