////////////////////////////////////////////////////////////////////////////////////
TRENDING
CYBER ADVERSARIES
UP THE ANTE ON
EVASION AND ANTI-ANALYSIS
TO AVOID DETECTION
Fortinet has revealed the findings of its latest Global
Threat Landscape Report, with its Fortinet Threat
Landscape Index demonstrating a continued increase in
the volume of cyberattacks.
T
he research conducted by Fortinet
reveals that cybercriminals continue
to look for new attack opportunities
throughout the digital attack surface and
are leveraging evasion as well as anti-
analysis techniques as they become more
sophisticated in their attempts.
The Threat Landscape Index crossed a
milestone this quarter. It is up nearly 4% from
its original opening position year-over-year.
these important cybersecurity fundamentals,
to position organisations to better manage
and mitigate cyber-risks.
“A security fabric approach across
every security element that embraces
segmentation and integration, actionable
threat intelligence and automation
combined with Machine Learning is essential
to enable these fundamentals to bear fruit.”
Highlights of the report include:
The high point during that year-long
timeframe is the peak and closing point
of Q2 CY2019. The upsurge was driven by
increased malware and exploit activity.
“The ever-widening breadth and sophistication
of cyberadversaries’ attack methods is
an important reminder of how they are
attempting to leverage speed and connectivity
to their advantage,” said Phil Quade, Chief
Information Security Officer, Fortinet.
“Therefore, it is important for defenders to
do the same and to relentlessly prioritise
www.intelligentcio.com
Upping the ante on evasion tactics
Many modern malware tools already
incorporate features for evading anti-
virus or other threat detection measures,
but cyberadversaries are becoming more
sophisticated in their obfuscation and anti-
analysis practices to avoid detection. For
example, a spam campaign demonstrates
how adversaries are using and tweaking
these techniques against defenders. The
campaign involves the use of a phishing
email with an attachment that turned out
“
RANSOMWARE
ATTACKS
CONTINUE TO
MOVE AWAY FROM
MASS-VOLUME,
OPPORTUNISTIC
ATTACKS TO
MORE TARGETED
ATTACKS ON
ORGANISATIONS.
to be a weaponised Excel document with a
malicious macro. The macro has attributes
designed to disable security tools, execute
commands arbitrarily, cause memory
problems and ensure that it only runs on
Japanese systems. One property that it looks
for in particular, an xlDate variable, seems to
be undocumented.
Another example involves a variant of the
Dridexbanking trojan which changes the
INTELLIGENTCIO
17