SECURITY FIRM Fortinet has released its newest Global Threat Landscape report and its discovery that 90 per cent of hacks in the last year could have been avoided if people updated and patched their systems.
The report comes cool on the heels of WannaCry and NotPetya and at a time when people are trying to work out what bitcoins are so that they can buy some in advance of a ransom demand. Fortinet's findings show that 90 per cent of outfits were hacked with vulnerabilities that could have been sorted out with a patch three years ago, while 60 per cent of companies had vulnerabilities that are over a decade in the wild.
"These attacks could have been largely prevented if organizations had simply practiced basic security hygiene. Both WannaCry and NotPetya targeted a vulnerability that had been patched by Microsoft a few months earlier," said the firm.
"But it's not just these high-profile attacks that target recent vulnerabilities that are the problem. During Q2, 90 per cent of organizations recorded exploits against vulnerabilities that were three or more years old. And 60 per cent of firms experienced successful attacks targeting devices for which a patch had been available for ten or more years."
WannaCry and NotPetya both targeted a patched vulnerability, but it had only been out for a couple of months. Fortinet said that organisations that avoided attack have either patched in good time or are using up to date security tools.
Fortinet also found that the number of exploits is growing fast and that the bulk of them have the capability to do some damage.
"The volume of exploits we are seeing continues to grow rapidly. FortiGuard Labs detected 184 billion total exploits in Q2, compared to 129 billion detections in Q1 - an increase of 30 per cent," it said.
"This represents an average daily volume of 1.8 billion attacks, compared to 1.4 billion in Q1. These aren't the result of just a handful of attacks. We detected 6,298 unique exploits, up from 5,542 in the first quarter of 2017. And these exploits are effective. 69 per cent of organizations experienced high or critical exploits in Q2 of 2017." µ
Welcome to the dystopia Black Mirror warned us about
Microsoft in 'more helpful' shock
A whole new way to be tied to your ISP
Search giant puts Epyc chips at the heart of its datacentre servers