NTT Innovation Institute (NTT I³) announced on May 12 the release of the 2015 NTT Global Threat Intelligence Report (GTIR). Once again, NTT i3worked together with the NTT Group security companies to analyze the attacks, threats and trends from the previous year. Based on the analysis, NTT i3 has created an online digital Global Threat Intelligence Report (viewable at NTTGroupsecurity.com) that lets users grasp the threat landscape in an interactive manner. The resulting report combines an analysis of over six billion attacks observed in 2014 with an interactive data review and ongoing daily global threat visualization.
The report is focused on the changing threat landscape and the quantifiable shifts over the last year that alter corporate risk, and require a reevaluation of risk posture which requires organizational security transformation. Using this awareness, business and security leaders will be able to focus the security goals addressing the threat and security investment of their enterprises on the things that are most impacting their organizations. The report delves into detailed analysis of the changing infiltration tactics, the commoditization of malicious capabilities, spread of the threat and how the business of cybercrime is responding to successful defensive strategies with rapidly adapting tactics. Some of the key finding of the report include:
- During 2014, 76% of identified vulnerabilities throughout all systems in the enterprise were more than 2 years old, and almost 9% of them were over 10 years old.
- Across the world, an astounding 56% of attacks against the NTT global client base originated from IP addresses within the United States.
- Of the vulnerabilities discovered across enterprises worldwide, 17 of the top 20 exposed vulnerabilities resided within user systems and not on servers.
- Threats against the end user are higher than ever, attacks show a clear and continuing shift towards success in compromising the end point.
- Distributed Denial of Service (DDoS) attacks changed in nature with a massive shift towards amplification attacks using Universal Datagram Protocol (UDP) protocols and this accounted for 63% of all DDoS attacks observed by NTT Group.
- Attacks against Business & Professional Services increased from 9% to 15%
Source: NTT Group