Mon, Apr 24 2017, 3:02 am

Brand McAfee makes come-back, brings threats report

By Digital Edge Bureau, 12.04.2017, 00:27
 

Mirai botnets are believed to be the staging grounds for launching the DDoS attack on Dyn, a major DNS service provider: McAfee Inc

Intel Security, which disowned the brand McAfee some time ago, has shown amazing altruism towards it. In the latest development, Intel Security has resurrected the brand McAfee. Now, Intel Security is known as McAfee. This rechristening of the brand is marked by a ‘near simultaneous’ release of the ‘McAfee Labs Threats Report’ for Q4 2016.
The report enumerates several threats, including malware, ransomware and mobile malware, and the intensity and severity with which they struck during the quarter. One of the key elements of this report is the pernicious character of Mirai botnets, which are believed to be the staging grounds for launching the DDoS attack on Dyn, a major DNS service provider. Mirai is notable because it detects and infects poorly secured IoT devices, transforming them into bots to attack its targets. To the surprise of the cyber world, Mirai botnet-based DDoS attacks are available as a service in the cybercriminal marketplace for $50 to $7,500 per day. McAfee Labs estimates that 2.5 million Internet of Things (IoT) devices were infected by Mirai by the end of Q4 2016, with about five IoT device IP addresses added to Mirai botnets each minute at that time.
“The security industry faces critical challenges in our efforts to share threat intelligence between entities, among vendor solutions, and even within vendor portfolios,” says Vincent Weafer, Vice President of McAfee Labs. “Working together is power. Addressing these challenges will determine the effectiveness of cybersecurity teams to automate detection and orchestrate responses, and ultimately tip the cybersecurity balance in favor of defenders”, adds Weafer.
The report reviews the background and drivers of threat intelligence sharing; various threat intelligence components, sources, and sharing models; how mature security operations can use shared data; and critical sharing challenges that the industry must overcome. Those challenges include:

  • Volume. A massive signal-to-noise problem continues to plague defenders trying to triage, process, and act on the highest-priority security incidents.
  • Validation. Attackers may file false threat reports to mislead or overwhelm threat intelligence systems, and data from legitimate sources can be tampered with if poorly handled.
  • Quality. If vendors focus just on gathering and sharing more threat data, there is a risk that much of it will be duplicative, wasting valuable time and effort. Sensors must capture richer data to help identify key structural elements of persistent attacks.
  • Speed. Intelligence received too late to prevent an attack is still valuable, but only for the cleanup process. Security sensors and systems must share threat intelligence in near real time to match attack speeds.
  • Correlation. The failure to identify relevant patterns and key data points in threat data makes it impossible to turn data into intelligence and then into knowledge that can inform and direct security operations teams.

To move threat intelligence sharing to the next level of efficiency and effectiveness, McAfee Labs suggests focusing on three areas:

  • Triage and prioritization. Simplify event triage and provide a better environment for security practitioners to investigate high-priority threats.
  • Connecting the dots. Establish relationships between indicators of compromise so that threat hunters can understand their connections to attack campaigns.
  • Better sharing models. Improve ways to share threat intelligence between our own products and with other vendors.

Threat Activities:

In the fourth quarter of 2016, McAfee Labs’ Global Threat Intelligence network registered notable trends in cyber-threat growth and cyber-attack incidents across industries:

  • Malware growth. The number of new malware samples slowed 17% in Q4, while the overall count grew 24% in 2016 to 638 million samples.
  • Mobile malware. The number of new mobile malware samples declined 17% in Q4, while total mobile malware grew 99% in 2016.
  • Ransomware growth. The number of new ransomware samples dropped 71% in Q4, mostly due to a drop in generic ransomware detections, as well as a decrease in the activity of the Locky and CryptoWall strains. The number of total ransomware samples grew 88% in 2016.
  • Mac OS malware. Although still small compared to Windows threats, the number of new Mac OS malware samples grew 245% in Q4 due to adware bundling. Total Mac OS malware grew 744% in 2016.
  • Spam botnets. Spam email messages from the top 10 botnets dropped 24% in Q4 to 181 million emails. They generated 934 million spam messages in 2016 overall.
  • Reported security incidents. McAfee counted 197 publicly-disclosed security incidents in Q4 and 974 publicly-disclosed security incidents in 2016. Security incidents are events that compromise the integrity, confidentiality, or availability of information assets. Some, but not all, of these incidents are breaches. Breaches are incidents that result in the confirmed disclosure (not just potential exposure) of data.
  • Public sector cyber-attacks. The public sector experienced the greatest number of incidents by far, but McAfee believes this may be the result of stricter requirements for reporting incidents, as well as an increase in attacks related to the U.S. election process, mostly voter database incidents and defacing of election websites.
  • Banking and gaming attacks. A Q3 jump in incidents in the software development sector was due to the rise in attacks on gaming platforms. In the finance sector, the SWIFT attacks on the banking sector led to a Q2 jump in incidents.
