CIO Influence
CIO Influence News Security

Menlo Security Report Reveals Less Than Three in 10 Organizations Are Equipped to Combat the Growing Wave of Web-Based Cyber Threats

Menlo Security report reveals less than three in 10 organizations are equipped to combat the growing wave of web-based cyber threats

Report finds that 62 percent of IT decision makers have suffered a browser-based attack in the past 12 months

Web malware (47 percent) and ransomware (42 percent) now top the list of security threats that organizations are most concerned about. Yet despite the growing risks, less than a third (27 percent) have advanced threat protection in place on every endpoint device that can access corporate applications and resources. This is according to new research, ‘The state of threat prevention: evasive threats take center stage’, published by Menlo Security, a leader in cloud security, exploring what steps organisations are taking to secure themselves in the wake of a new class of cyber threats – known as Highly Evasive Adaptive Threats (HEAT).

PREDICTIONS SERIES 2024 - CIO InfluenceCIO INFLUENCE News: AWS Forecast in Germany Calls for Increasing Clouds

As employees spend more time working in the browser and accessing cloud-based applications, the risk of HEAT attacks increases. Almost two-thirds of organizations have had a device compromised by a browser-based attack in the last 12 months. The report suggests that organizations are not being proactive enough in mitigating the risk of these threats, with 45 percent failing to add strength to their network security stack over the past year. There are also conflicting views on the most effective place to deploy security to prevent advanced threats, with 43 percent citing the network, and 37 percent the cloud.

“Threat actors seek to exploit gaps in traditional security defences and the fact that security capabilities haven’t really changed over the past decade. One of the areas of focus for attackers is using web threats and we’re seeing more and more of them successfully deployed using HEAT techniques. Last year, we saw Nobelium use HTML smuggling, a HEAT tactic to avoid static and dynamic content analysis, to deliver malware and ransomware attacks. The fact that these are successful means their usage will increase, which could have devastating consequences for companies of all sizes,” explains Mark Guntrip, senior director of cybersecurity strategy, Menlo Security.

“Working practices have changed and companies must stop relying on traditional tools and strategies that just don’t cut it anymore. Adopting a prevention-driven approach to security is the only way to achieve this and using isolation-powered security to do so stops the browser from having any direct interaction with the website and content and ensures that HEAT attacks don’t stand a chance.”

Competing security priorities

According to the research among 500+ IT decision makers in the UK and US, hybrid/remote working (28 percent) is the biggest challenge organizations expect to face this year when it comes to protecting their corporate network from advanced threats. This is followed by budget restrictions (15 percent), the presence of unmanaged devices (14 percent), and outdated security solutions (13 percent).

There are also several competing priorities for IT professionals when it comes to improving their security posture in 2022. Training staff tops the list (61 percent), followed by technology investment to protect the corporate network (60 percent), adapting to new ways of working (50 percent), and investing in skilled security members at 45 percent.

Additional research findings:

  • Although 55 percent of respondents have invested in their security stack over the past year and 27 per cent have advanced threat protection in place, it is not having the desired effect as attacks are still successfully penetrating their defence lines.
  • Half of respondents believe that firewalls are an effective way of mitigating HEAT attacks, and 31 percent favor VPNs.
  • Organizations believe that the threat of a cyber-attack is a case of ‘when’ not ‘if’, regardless of size. Consequently, IT decision makers are most concerned about the reputational damage (62 percent) and financial loss (57 percent) that a security breach could have on their business.

According to Guntrip, “organisations need to prioritise a review of their network security solution stack. HEAT attacks target web browsers as the attack vector and employ techniques to evade detection by multiple layers in current security stacks, including firewalls, Secure Web Gateways, sandbox analysis, URL Reputation, and phishing detection, so clearly a new strategy is needed.”

CIO INFLUENCE News: Cycode Introduces Complete Approach to Application Security Posture Management

What are HEAT attacks?

The Menlo Labs research team has been analysing Highly Evasive Adaptive Threats (HEAT), which bypass traditional security defences, including firewalls, Secure Web Gateways, sandbox analysis, URL Reputation, and phishing detection.

Used to deliver malware or to compromise credentials, which in many cases leads to ransomware payloads, HEAT attacks include at least one of four evasion techniques:

  • Evades Both Static and Dynamic Content Inspection
  • Evades Malicious Link Analysis
  • Evades Offline Categorisation and Threat Detection
  • Evades HTTP Traffic Inspection

CIO INFLUENCE News: Vectra AI Adds Advanced Hybrid Attack Detection, Investigation and Response Capabilities for AWS

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

Red Hat Introduces Red Hat Trusted Software Supply Chain

Business Wire

GoodRx Agrees to Acquire vitaCare, A Tech-Enabled Pharmacy Services Platform

Walmart, Netflix and Google in List of Top Brands Most Likely to be Imitated by Phishing Attackers

CIO Influence Staff Writer