Solutionary Security Engineering Research Team (SERT) Q4 Threat Report Shows DDoS Attacks Decreased, Web Authentication Security and Malware Attacks Increased
OMAHA, NE, January 22, 2013 –Solutionary, the leading pure-play managed security services provider (MSSP), announced today that its Security Engineering Research Team (SERT) has released its Q4 2012 SERT Quarterly Research Report. The report examines the threat landscape for the last quarter of 2012 and focuses specifically on exploit kits and malware trends. Research revealed that 58 percent of the vulnerabilities targeted by the most popular exploit kits in Q4 were more than two years old, that 70 percent of exploit kits reviewed were released or developed in Russia, and that there was a reduced volume of Distributed Denial of Service (DDoS) attack-related activity and a slight increase in Web application and malware security incidences.
“The fact that cyber criminals are able to penetrate network defenses by targeting aging vulnerabilities and using old techniques demonstrates that many organizations are still playing catch-up when it comes to cyber security. Tight budgets, inability to convince stakeholders at all levels that security should be a priority, and a shortage of research resources could be among the reasons why many security and risk teams are continuing to operate in reactive mode," said Rob Kraus, SERT director of research. "By partnering with us, our customers are able to cost-effectively leverage our research and security expertise to drive security into the corporate priority stack, significantly strengthen their cyber defenses, and stay a step ahead of existing and emerging threats."
In reviewing 26 commonly used exploit kits, SERT identified exploit code dating as far back as 2004, serving as evidence that old vulnerabilities continue to prove fruitful for cyber criminals. The fact that 58 percent of the vulnerabilities exploited are over two years old further supports SERT findings that the number of newly discovered and disclosed vulnerabilities has declined since 2010. The Q4 report also revealed that BlackHole 2.0 was the most often-used exploit kit; that Phoenix 3.1 supports the most vulnerabilities, approximately 9 percent; and that a large number of exploit kits have been developed and distributed in Eastern Europe, with 70 percent coming from Russia, followed by China and Brazil.
“Exploit kits largely focus on targeting end-user applications,” said Kraus. “As a result, it is vital that organizations pay close attention to patch management and endpoint security controls in order to significantly decrease the likelihood of compromise.”
Solutionary is the leading pure-play managed security services provider. Solutionary reduces the information security and compliance burden, delivering flexible managed security services that align with client goals, enhancing organizations’ existing security program, infrastructure and personnel. The company’s services are based on experienced security professionals, global threat intelligence from the Solutionary Security Engineering Research Team (SERT) and the patented, cloud-based ActiveGuard® service platform. Solutionary works as an extension of clients’ internal teams, providing industry-leading customer service, patented technology, thought leadership, years of innovation and proprietary certifications that exceed industry standards. This client focus and dedication to customer service enables Solutionary to boast a client retention rate of over 98%. Solutionary provides 24/7 services to mid-market and global, enterprise clients through multiple security operations centers (SOCs) in North America. For more information, visit www.solutionary.com.