Home>>Top

The hottest NTT global threat intelligence report

2022-09-28

Detail

NTT Global Threat Intelligence Report opportunistic attacks increased by 300%

on June 10, the 29th meeting of the Standing Committee of the 13th National People's Congress passed the data security law. This law is a basic law in the field of data and an important law in the field of national security. It will come into force on September 1st, 2021

the introduction of the data security law not only means that the supervision of the data field is becoming stricter, but also accelerates the birth of new outlets, and more cutting-edge technologies will be put into use in the data field. The law has a significant impact on enterprises engaged in data processing business in China, especially multinational enterprises

attackers took advantage of global instability and hit the health care, finance and manufacturing industries hard.

remote access has become a common vulnerability, and application attacks have surged, accounting for 67% of the total attacks.

cryptocurrency miners hit a new high, accounting for 41% of all detected malware.

NTT Ltd. today released the 2021 Global Threat Intelligence Report (gtir), which reveals how hackers take advantage of global instability, Target key industries and turn to common vulnerabilities in telecommuting. Attacks on healthcare, manufacturing and finance all increased significantly (200%, 300% and 53% respectively). These three industries accounted for 62% of all attacks in 2020, an increase of 11% over 2019

as enterprises increasingly adopt technologies such as virtual and remote access to support remote work modes, the subsequent attacks against specific applications and network applications have doubled, accounting for 67% of all attacks, more than doubling in the past two years. The healthcare industry bears the brunt of the shift to telemedicine and nursing, with 97% of attacks coming from networks or specific applications

gtir provides deep insight into NTT network security consulting, scoring the maturity of an industry's security plan. The higher the number, the more mature the action plan is. The survey results show that the maturity scores of health care and manufacturing are relatively low, only 1.02 and 1.21 respectively. These are lower than the baseline of 1.12 and 1.32 in 2019, but the attack rate has increased significantly

on the one hand, the maturity score of the manufacturing industry has continued to decline in the past three years, which is likely due to changes in the business environment and the evolution of attacks

on the other hand, the financial industry continued to show the highest maturity benchmark score for the third consecutive year, which was 1.84 (down 0.02 from last year)

Mr. luzhihong, CEO of NTT China, said:

as early as last year, we predicted that targeted attacks would surge, which has been proved to be true today. Although these industries try their best to maintain basic services, the decline in safety standards is still shocking. Enterprises will migrate services to the network to adapt to the new normal, and use digitalization to enhance business flexibility, but they need to be extra vigilant in adhering to and maintaining the best practices of security

malware has degenerated

encrypted malware has proliferated

and Trojan viruses have become more common

although malware has become more and more commercialized in terms of features and functions, with the growth of multi-functional malware, it has also become more diversified last year. Encryption software has replaced spyware as the most common malware in the world, but malware that uses some variants for specific industries continues to develop. Worms frequently appear in financial and manufacturing industries; The health care industry is affected by remote access Trojans; Technology industry is the target of extortion software; Mining is popular among students, and the education industry has been hit by crypto miners

the cryptocurrency market is a typical example. Cryptominers accounted for 41% of all malware detected in 2020. Xmrig coinmin hydraulic universal material testing machine turning on the main motor source switch and manual box switch Er of the impact testing machine are the most common variants, accounting for nearly 82% of all mining activities, especially strengthening the toughness of materials, accounting for nearly 99% in Europe, the Middle East and Africa

Mr. luzhihong said:

the change of operation mode or the adoption of new technologies provide opportunities for attackers. With the popularity of cryptocurrency among inexperienced students, this attack is inevitable. Under the new normal, enterprises and individuals must give priority to the network security of all industries, including the supply chain

2021gtir focus

Global attacks on the manufacturing industry increased from 7% last year to 22%; The health care industry increased from 7% to 17%; The financial industry increased from 15% to 23%

in the Asia Pacific region, the financial industry (24%) is the most attacked industry, followed by the manufacturing industry (22%). The maturity of the medical industry is seriously insufficient, only 0.60, lower than the global average of 1.02. The technology industry (2.02) is more mature than the global average (1.64)

attacks with covid-19 vaccines and related supply chains have occurred in many industries around the world. The opportunism of covid-19 network crime was strengthened. Groups such as ozie team, agent Tesla and ta505, as well as vicious panda, Mustang panda and cozy bear, were very active in 2020

the most common forms of malware in the world in 2020 are miners 41%, Trojans 26%, worms 10%, and ransomware 6%

malware varies widely across the Asia Pacific region, with webshells, zombies and various forms of Trojan viruses accounting for 72% of all malware. Although xmrig is the most commonly detected malware in the world, no country in the Asia Pacific region ranks xmrig among the top ten most common malware

ntt research shows that 50% of enterprises around the world give priority to ensuring the security of their cloud services, which makes it the top priority of network security in the next 18 months

threatening elements take advantage of global disasters, while cyber criminals take advantage of market prosperity. The common ground of these two situations is unpredictability and risk. The digitalization of enterprises should put safety in the first place, and for enterprises going to sea, it is the primary task to understand the safety characteristics of overseas regions