Report Highlights Prevalence of Ransomware and Rise of Fileless and PowerShell Attacks; Need for Next-Gen Endpoint Protection
SentinelOne, the autonomous endpoint protection company, today announced the findings of its H1 2018 Enterprise Risk Index Report. According to the report, fileless based attacks rose by 94 percent in the first half of 2018, evidence of the trend’s growing popularity. In addition, as of June 2018, PowerShell attacks jumped to a record of 5.2 attacks per 1000 endpoints, compared to 2.5 attacks in May.
The report also examines the classification of detected documents and executables by the verdict provided by reputation services, unveiling that more than 70 percent of total detections were unknown to these services. The findings demonstrate the need for next-gen endpoint protection to effectively stay ahead of today’s rapidly changing threat landscape, as reputation-based detection is no longer a match for today’s cyber-criminals.
“As we enter the second half of 2018, there are a number of trends and prevailing threats businesses and individuals should be watching for,” said Aviram Shmueli, Director of Product Management, SentinelOne. “Our Enterprise Risk Index Report found that ongoing advancements in fileless malware, PowerShell attacks and ransomware continue to be a pain point as attackers refine methods to bypass legacy AV. Reputation feeds are not sufficient to combat today’s threats; highly sophisticated, proprietary engines are needed to provide real comprehensive protection.”
Other key findings of the report, which leverages anonymized data collected from SentinelOne global deployment of agents gathered from January 1, 2018 to June 30, 2018, include:
- Ransomware attacks remain popular, ranging from 5.6 to 14.4 attacks per 1000 endpoints.
- More than 70 percent of detected executables were unknown to reputation services
- More than 90 percent of detected documents were unknown to reputation services
To view the full report, please visit: https://go.sentinelone.com/WebAsset-EnterpriseRiskIndex.html
About the Author
SentinelOne delivers autonomous endpoint protection through a single agent that successfully prevents, detects and responds to attacks across all major vectors. Designed for extreme ease of use, the S1 platform saves customers time by applying AI to automatically eliminate threats in real time for both on premise and cloud environments and is the only solution to provide full visibility across networks directly from the endpoint. To learn more visit sentinelone.com or follow us at on LinkedIn, on twitter @SentinelOne, or on Facebook.