News
Cybercriminals evolving their attack methods to increase their success rates, to accelerate infections: Fortinet
NEW DELHI: Fortinet has announced the findings of its latest Global Threat Landscape Report. The research reveals cybercriminals are evolving their attack methods to increase their success rates and to accelerate infections.
While ransomware continues to impact organizations in destructive ways, there are indications that some cybercriminals now prefer hijacking systems and using them for cryptomining rather than holding them for ransom. For a detailed view of the findings and some important takeaways for CISOs read the blog. Highlights of the report follow:
Cybercrime Attack Methods Evolve to Ensure Success at Speed and Scale
Data indicates that cybercriminals are getting better and more sophisticated in their use of malware and leveraging newly announced zero-day vulnerabilities to attack at speed and scale. While the number of exploit detections per firm dropped by 13% in Q1 of 2018, the number of unique exploit detections grew by over 11%, and 73% of companies experienced a severe exploit.
• Spike in Cryptojacking: Malware is evolving and becoming more difficult to prevent and detect. The prevalence of cryptomining malware more than doubled from quarter to quarter, growing from 13% to 28%. Additionally, cryptojacking was quite prevalent in the Middle East, Latin America, and Africa. Cryptomining malware is also showing incredible diversity for such a relatively new threat.
Cybercriminals are creating stealthier fileless malware to inject infected code into browsers with less detection. Miners are also targeting multiple operating systems as well as different cryptocurrencies, including Bitcoin, Dash, and Monero. They are also fine-tuning and adopting delivery and propagation techniques from other threats based on what was successful or unsuccessful to improve future success rates.
• Targeted Attacks for Maximum Impact: The impact of destructive malware remains high, particularly as criminals combine it with designer attacks. For these types of more targeted attacks, criminals conduct significant reconnaissance on an organization before launching an attack, which helps them to increase success rates. Afterwards, once they penetrate the network, attackers spread laterally across the network before triggering the most destructive part of their planned attack.
The Olympic Destroyer malware and the more recent SamSam ransomware are examples of where cybercriminals combined a designer attack with a destructive payload for maximum impact.
• Ransomware Continues to Disrupt: The growth in both the volume and sophistication of ransomware continues to be a significant security challenge for organizations. Ransomware continues to evolve, leveraging new delivery channels such as social engineering, and new techniques such as multi-stage attacks to evade detection and infect systems.
GandCrab ransomware emerged in January with the distinction of being the first ransomware to require Dash cryptocurrency as a payment. BlackRuby and SamSam were two other ransomware variants that emerged as major threats during the first quarter of 2018.
• Multiple Attack Vectors: Although the side channel attacks dubbed Meltdown and Spectre dominated the news headlines during the quarter, some of the top attacks targeted mobile devices or known exploits on router, web or Internet technologies. 21% of organizations reported mobile malware, up 7%, demonstrating that IoT devices continue to be targeted.
Cybercriminals also continue to recognize the value of exploiting known vulnerabilities that haven’t been patched along with recently discovered zero-days for increased opportunity. Microsoft continued to be the number one target for exploits, and routers took the number two spot in total attack volume. Content Management Systems (CMS) and web-oriented technologies were also heavily targeted.
• Cyber Hygiene – More Than Just Patching: Measuring how long botnet infections persist based on the number of consecutive days in which continued communications are detected reveals that hygiene involves more than just patching. It is also about cleanup. Data showed that 58.5% of botnet infections are detected and cleaned up the same day. However, 17.6% of botnets persist for two days in a row and 7.3% last three days. About 5% persist for more than a week. As an example, the Andromeda botnet was taken down in Q4 2017 but data from Q1 found it continued to show up prominently in both volume and prevalence.
• Attacks Against Operational Technology (OT): While OT attacks are a smaller percentage of the overall attack landscape, the trends are concerning. This sector is increasingly becoming connected to the Internet, with serious potential ramifications for security. Currently, the vast majority of exploit activity is directed against the two most common industrial communication protocols, primarily because they are so widely deployed. Data shows that in Asia ICS exploit attempts appear to be somewhat more prevalent when compared to ICS exploit activity across other regions.
Fighting Evolving Cybercrime Requires Integrated Security
The threat data in this quarter’s report reinforces many of the prediction trends unveiled by the Fortinet FortiGuard Labs global research team for 2018 demonstrating that the best defense against intelligent and automated threats is an integrated, broad, and automated security fabric. A highly aware and proactive security defense system is needed to keep pace with the next generation of automated and AI-based attacks.
“We face a troubling convergence of trends across the cybersecurity landscape. Malicious cyber actors are demonstrating their efficiency and agility by exploiting the expanding digital attack surface, taking advantage of newly announced zero-day threats, and maximizing the accessibility of malware for bad intent. In addition, IT and OT teams often don’t have the resources necessary to keep systems appropriately hardened or protected. However, implementing a security fabric which prioritizes speed, integration, advanced analytics, and risk-based decision making can enable comprehensive protection at machine speed and scale,” said Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet.
“In India exploits targeting known vulnerabilities in enterprise web systems running Apache Struts (CVE-2017-5638), Oracle WebLogic Server (CVE-2017-10271, CVE-2017-3506) and older IIS 6.0 web servers (CVE-2017-7269) were the most prevalent in Q1 2018. This is followed closely by exploits targeting vulnerabilities in Red Hat JBoss Application Server (CVE-2017-12149) and IoT devices such as Linksys and D-Link home routers.,” said Gavin Chow, Network and Security Strategist, Fortinet Asia Pacific.
“JavaScript based cryptojacking malware was also the most prevalent in this region along with the malware leveraging a known Microsoft Office exploit (CVE 2017-11882) that is used to gain control of a victim’s system to perform other malicious activity. Even though the Andromeda Botnet infrastructure was already taken down in Q4 2017 in continued to be the most prevalent BOT. The key takeaway here is that attackers are targeting known vulnerabilities that already have fixes available and system owners who are not aware of these risks would continue to be exposed to these attacks,” Gavin added.
NEW DELHI: Yotta Data Services, an end-to-end Digital Transformation service provider, has announced that its state-of-the-art data centre facility, “Yotta G1”, located in GIFT city, Gandhinagar is ready for service (RFS).
The opening of this data center marks the debut of Yotta in Gujarat and progresses the company’s mission to provide digital services in India’s high-growth markets.
G1 is Yotta’s fifth data center facility in the country. It joins four large operational data centers, two of which, at Navi Mumbai and Greater Noida are part of hyperscale campuses. Yotta G1 is uniquely located inside the International Financial Services Center (IFSC) zone of Gandhinagar’s Gujarat International Finance Tec-City (GIFT city).
G1 represents an investment of more than INR 500 cr. over five years across critical non-IT and IT / Cloud / AI compute infrastructure. The data center has a capacity of over 350 high-density racks and 2 MW power (which can be scaled further as per demand). The facility is designed to meet the most demanding digital needs of its customers, who may be located within GIFT City or anywhere in the world, by seamlessly delivering fault-tolerant facility infrastructure, high-performance Cloud compute and storage infrastructure, advanced physical and cyber security, unmatched connectivity, and steadfast sustainability.
For large global enterprises operating in the GIFT City IFSC zone, the G1 data center functions as a potential data embassy, whereby their data stored is subject to the laws and regulations of their home country, thus allowing them to maintain sovereignty over their data, even when stored in India. By storing data in a physically different location, global enterprises can ensure continuity of operations in case of major disruptions within their borders. The data center’s location also ensures compliance with the IFSC regulations, providing businesses in the zone with distinct advantages like free foreign exchange convertibility, a liberalised regulatory environment, and business-friendly policies. It also helps enterprises adhere to IFSC’s compliance requirements, including being mandated to host their data within the IFSC zone.
Commenting on the announcement, Darshan Hiranandani, Co-founder and Chairman, Yotta Data Services, said, “The state of Gujarat, with GIFT City, has been at the forefront of providing a viable and sustainable platform for global businesses to set up base in India. The setting up of the IFSC zone is a further testament to their vision for financial services companies. We are proud to support this vision of the Gujarat government with a state-of-the-art data center within the IFSC zone, providing the latest and best in cutting-edge technologies to help businesses set up and scale their businesses while also adhering to all regulatory requirements.”
Adding to this, Sunil Gupta, Co-Founder, MD & CEO, Yotta Data Services, said, “Yotta’s G1 marks a pivotal milestone in delivering high-end data center, Cloud, AI compute, storage, connectivity and cybersecurity services to enterprises both on a global and local scale in the Gujarat region. Besides serving the domestic enterprises within and outside GIFT City, our data center shall serve as a potential data embassy for global enterprises, enabling them to adhere to their respective country’s laws while offering a dependable and secure locale for offshore data storage.”
G1 data centre stands distinct in GIFT city for being a data center offering more than just colocation services. True to Yotta’s stature as the end-to-end digital transformation partner of choice for enterprises, G1 brings forth a suite of key features, ranging from advanced data security and customised business solutions to an indigenous hyperscale cloud offering, AI-GPU compute offering, state-of-the-art infrastructure, cybersecurity expertise, seamless integration with managed IT services, 24/7 customer support, cost optimisation, and an overall competitive edge.
This announcement follows on the heels of Yotta’s recent launch of its cloud services – Shakti Cloud and Yntraa Cloud. Powered by NVIDIA’s top-of-the-line GPUs, Shakti Cloud is India’s largest & fastest AI-HPC supercomputer, delivering cutting-edge GPU computing infrastructure, platforms, and services, including Infrastructure as a Service, Platform as a Service, and Software as a Service. Yntraa Cloud, on the other hand, is a truly indigenous hyperscale cloud platform at par with global cloud platforms, offering an exhaustive range of cloud products and services.
NEW DELHI: Domestic contract manufacturer Optiemus Infracom has entered into a joint venture with US-based speciality glassmaker Corning International to set up India’s first manufacturing facility for producing high-quality finished cover glass parts for the mobile consumer electronics industry.
The collaboration between both the companies will help expand India’s electronics manufacturing ecosystem, as the Indian government strengthens its Make in India initiative. As a part of the joint venture, the companies strategically aim to set up a world-class manufacturing facility in India, powered by cutting-edge technologies and processes.
Driven by a shared commitment to innovation and technological excellence, this collaboration will pave the way for the manufacturing of “Made in India” finished cover glass parts for use in mobile consumer electronic devices, and other cover glass applications, to meet the needs of next-generation mobile consumer electronic devices.
The joint venture signifies a powerful synergy between Optiemus’s deep domestic industry and manufacturing knowledge of electronics and telecom market and Corning’s globally-acclaimed expertise in advanced glass technology. By combining these strengths, the joint venture aspires to not only establish cover glass manufacturing capabilities and capacity in India, but also to contribute significantly to the creation of jobs and skill development within India’s thriving technology sector, the companies said in a statement.
Ashok Kumar Gupta, Chairman, Optiemus Infracom, said, “It is a matter of great pride for us to actively contribute to the growing manufacturing ecosystem in the country. With this joint venture, initiated in line with the vision of Hon’ble Prime Minister of India of ‘Make in India’ programme and the “Atmanirbhar Bharat” initiative, we are committed to make available world-class high-quality products for global and local brands.”
“Embarking on this new journey, we intend to emerge as one of the top manufacturers of finished cover glass parts for use in mobile consumer electronic devices in the next five years. Our collective expertise in innovation, design, and manufacturing, will provide holistic solutions for the brands,” Gupta added.
NEW DELHI: Chipset maker MediaTek, which claims to power more than two billion connected devices every year, hosted ‘Catch-up with Tech’ in collaboration with handset brand Infinix on August 28 to share insightful and engaging conversations about the new-age smartphones and innovative technologies powering everyday lives.
The meet-up threw the spotlight on the MediaTek Dimensity Auto, Satellite solutions and Generative AI along with an extensive showcase of newly-launched Infinix Zero 30 5G powered by MediaTek Dimensity 8020, Infinix GT 10 Pro powered by MediaTek Dimensity 8050, and Infinix QLED TV powered by MediaTek.
In terms of specs, the Infinix Zero 30 5G is tailored for young storytellers and creators, featuring the first-ever smartphone to deliver 4K 60fps video recording from its 108 MP OIS rear camera and ultra-high resolution 50MP front camera. The Zero 30 series powered by MediaTek Dimensity 8020 is said to be a game changer for the front camera vlogging experience along with being the slimmest curved AMOLED smartphone in the segment with glass and a vegan leather back panel. It also claims to be one of the most premium-looking devices in the segment.
The event witnessed a panel discussion moderated by Anuj Sidharth, Deputy Director Marketing & Corporate Communications, MediaTek and included expert panelists from Infinix, MediaTek and two renowned professional photographers.
“With the fifth edition of Catch-up with Tech, we aim to bring consumers closer to the technology and enable them to make informed buying decisions based on their diverse needs. In collaboration with Infinix, this meet-up is in-line with MediaTek’s vision of technology democratization and making innovative technology accessible to everyone,” said Anku Jain, Managing Director, MediaTek India. “The MediaTek Dimensity 8020 in Infinix Zero 30 5G brings faster displays, brilliant cameras and ultra-fast performance. Further, MediaTek Imagiq technologies enrich the capture experience by combining dedicated AI, imaging processors and accelerators to provide incredible results,” he added.
Anish Kapoor, CEO, Infinix Mobile India, said, “Featuring India’s first 50MP 4K 60 fps video recording, Infinix Zero 30 5G is primed to redefine smartphone imaging capabilities, setting a new standard for the creators and vlogging enthusiasts. Our collaboration with MediaTek has played a pivotal role in shaping our exceptional smartphone portfolio, and the Zero 30 5G stands as evidence of our unwavering commitment to innovation and delivering unmatched experiences to our users. The display and design of the device represent a leap forward in smartphone technology. As Infinix Zero 30 5G hits the shelves, we are positive that our customers will find this new offering as exhilarating as we do, further empowering creators to capture their story like never before.”
Radhakrishnan Chakyat, a photography evangelist, founder and host of Pixel Viilage, said, “Infinix Zero 30 5G smartphone powered by MediaTek Dimensity 8020 chipset has amazing hardware features, an excellent camera, dual-view video mode and is primed for optimal content creation and saves a tremendous amount of editing time.”
Aarzoo Khurana, a wildlife photographer, said, “Over the last few days, I clicked various pictures and recorded a few videos with the newly-launched Infinix Zero 30 5G powered by MediaTek Dimensity 8020, and the experience has been truly inspiring. Infinix’s smartphone’s OIS feature helps content creators click shake-free pictures and the front camera, which is extremely sharp and detailed, enables content creators to click countless selfies.”
