Cato Networks, a provider of SASE solutions, released its Cato CTRL SASE Threat Report for Q1 2024, highlighting significant security vulnerabilities across enterprise networks. The report reveals organizations are still running insecure protocols over their Wide Area Networks (WAN) - making it easier for cybercriminals to infiltrate and move laterally within networks.
The findings are based on analysis of 1.26 trillion network flows and the prevention of 21.45 billion attacks within Cato's SASE Cloud Platform traffic between January and March 2024.
Key insights include a concerning reliance on insecure protocols such as HTTP, telnet, and older versions of SMB. These pose risks for data interception and lateral movement across networks.
Despite the hype around zero-day vulnerabilities, many older exploits like CVE-2017-9841 targeting PHPUnit and CVE-2021-44228 affecting Log4J all remain prevalent - pushing the need to focus on patching known vulnerabilities to remain protected.
The report also noted that AI tools continue to rapidly gain traction in enterprises. Microsoft Copilot, OpenAI’s ChatGPT, and Emol were commonly used during the first quarter of 2024.
Of the sectors adopting it most, travel and tourism are leading in AI adoption (79% of organizations), while entertainment lags behind (44%).
In terms of industry-specific cyber threats, media and entertainment organizations are also underutilizing security applications. Targeted techniques such as Endpoint Denial of Service (T1499) in industries like entertainment, telecommunications, and mining & metals are still happening. Also services and hospitality sectors face a high risk of credential exploitation (T1212).
The report’s findings are a reminder of the critical need for organizations to address vulnerabilities in their network protocols and prioritize patching known exploits. With cyber threats evolving and industry-specific risks becoming more pronounced, enterprises must adopt comprehensive security strategies, including the integration of AI tools, to effectively mitigate risks and protect their digital assets.
"As threat actors constantly introduce new tools, techniques, and procedures targeting organizations across all industries, cyber threat intelligence remains fragmented and isolated to point solutions," said Etay Maor, Chief Security Strategist at Cato Networks and a founding member of Cato CTRL. "Cato CTRL is filling this gap to provide a holistic view of enterprise threats. As the global network, Cato has granular data on every traffic flow from every endpoint communicating across the Cato SASE Cloud Platform, and we're excited to share what we've learned with the broader industry to spark a more secure future."
Edited by
Greg Tavarez
