Analysis of Kaspersky Managed Detection and Response metadata, voluntarily and anonymously shared by customers, reveals that 10% of cyber incidents blocked by the solution could have caused significant disruption or allowed unauthorized access to customer assets. The majority of attempted attacks (72%) were classified as medium severity and could result in loss of performance of corporate resources or one-off instances of data misuse.
Cyberattacks are becoming increasingly complex and employ advanced techniques to avoid detection by security solutions. Detection and prevention require experienced threat researchers who can identify suspicious actions before they can cause damage. The analysis of anonymous cases from Kaspersky customers took place in Q4 2020 and aimed to determine the level of spread and severity of reported incidents.
Public sector and IT among targets
The analysis showed that almost all sectors, except mass communications and transportation, experienced very serious incidents during the survey period. Public sector organizations (41%), IT (15%) and finance (13%) experienced the most frequent incidents, with almost a third (30%) of critical incidents coming from targeted attacks conducted by humans. In addition, almost a quarter (23%) were considered serious and classified as high-impact malware outbreaks, such as ransomware. In 9% of attacks, cybercriminals gained access to companies’ IT infrastructure using social engineering techniques.
Furthermore, our experts observed that APTs were detected as mechanisms for past attacks. This suggests that when an organization responds to a sophisticated threat, it is more often than not attacked again, sometimes by the same group.
“Our analysis shows that targeted attacks are common: more than a quarter of organizations (27%) have already experienced them,” comments Gleb Gritsai, Head of Security Services at Kaspersky.
Protection against advanced attacks
• Third-party managed detection and response services, such as Kaspersky Managed Detection and Response, can help identify and stop sophisticated attacks in their early stages, allowing damage to be mitigated and neutralized. Such services are ideal for companies that cannot rely on a Security Operations Center (SOC) but need to improve their security;
• Adopt a suite of security technologies, such as endpoint protection and EDR (endpoint detection and response), to improve identification of new sophisticated threats;
• Allow the security team and your SOC to have access to Threat Intelligence reports with the latest information on the tactics used by these groups in their attacks. This will allow detection at an early stage;
• Constantly train your security team so that they have the technical capabilities to operate new technologies and can create the policies necessary to establish high levels of corporate protection;
• Provide basic cybersecurity hygiene training to all employees, as many targeted attacks start with a simple phishing message or other social engineering techniques.
1 in 10 cybersecurity attacks are serious