Report: Most cyber-attacks come from same place, and use basic tactics
Report: Most cyber-attacks come from same place, and use basic tactics

F-Secure has released a new report which explores the trends and threats defining the current state of cyber-security across the globe.

According to the report, a majority of active reconnaissance traffic in 2016 came from IP addresses in just 10 countries, with Russia, the Netherlands, the United States, China, and Germany being hotspots for these activities.

Furthermore, most cyber-attacks are performed with basic, scriptable techniques against poorly maintained infrastructure.

F-Secure's State of Cyber Security 2017 report pays particular attention to security issues facing companies as the threat landscape transitions away from conventional malware to more dynamic threats.

Outdated versions of Android continue to expose mobile devices to risks, with Indonesia having the largest proportion of outdated Android devices in use, while Norway has the smallest.

While 197 new ransomware families were discovered in 2016 compared with just 44 in 2015, exploit kit usage declined during 2016.

“Today's threats can outsmart old one-dimensional security approaches, regardless of how strong everyone thinks they are. Phishing, lists of pre-compromised accounts and networks sold online, and other resources make breaching a government organisation or Fortune 500 company within reach of a lot of different attackers,” said F-Secure security advisor Sean Sullivan. “We're in a post-malware world because the threat landscape has industrialised and cyber-criminals aren't only relying on the most common types of malware to make money.”

The report also contains features on notable events and trends from 2016, including information on Mirai-based botnets, upstream attacks, cyber-crime and general IT trends that are shaping the threat landscape.

Several other organisations also contributed articles to the report, including the Finnish Communications Regulatory Authority, Virus Bulletin, and AV-TEST.

According to F-Secure security expert Andy Patel, the report was written to send a message to defenders about the importance of risk management. “Commodity malware, like ransomware, is still prevalent. And endpoint protection is great at protecting users from those threats. But defenders need to think about threat assessment, penetration testing, breach detection, incident response and crisis management if they want cyber-security plans they can count on when attackers wise up to their defences.”

“The bomber will always get through, so defenders better be ready for it,” added Patel.