Companies that have been victims of sophisticated cyber attacks end up being hit again by cybercriminals in less than a year, say researchers at CrowdStrike, a US security company, which recently published this year’s Cyber Front Lines Report.
According to the report, in 68% of cases where a company suffers a cyber attack, she will be attacked again in up to 12 months. The rationale is that most companies think they can go back to normal as soon as they have been attacked and they also don’t believe that it can happen again.
The report aims to provide a detailed view of how cybercriminals are adapting to today’s realities, but also seeks to offer recommendations for companies to improve their cybersecurity in 2021. For the study, CrowdStrike contacted companies from all over the world. the sizes of 15 sectors and 34 different countries.
In 30% of the cases analyzed, companies’ antivirus software was configured incorrectly, with weak security settings or not even deployed across the entire environment. In 40% of cases, antivirus solutions failed to provide the necessary protection against more sophisticated attacks.
According to the researchers, 2020 was marked by “impressive volume and the speed of financially motivated attacks”. 81% of attacks seeking financial return are of ransomware. The remaining 19% is split between point of sale intrusions, attacks on e-commerce, compromised commercial email (BEC) and cryptocurrency mining.
However, while ransomware attacks are preferred by the media in general, State-funded attacks and espionage remain a serious threat against many sectors of the economy.
According to Chief Security Officer and President of CrowdStrike, Shawn Henry, remote work redefined the battle scene between cybercriminals and information security. Because of the isolation, there is more data from companies circulating on unprotected home networks. “Corporate networks now span offices and homes, providing a wide variety of new attack surfaces and vectors that adversaries can exploit.”
“Holistic coordination and continuous surveillance are essential to detect and stop sophisticated intrusions. We are seeing a necessary shift from one-time emergency commitments to ongoing monitoring and response. This will allow incident response teams to help customers dramatically reduce the average detection, investigation and correction time from 162 hours to less than 60 minutes, ”he concludes.
Sources: CrowdStrike; Cyber Front Lines Report.
See the original post at: https://thehack.com.br/empresas-que-foram-vitimas-de-cibercrimes-voltam-a-ser-atacadas-no-mesmo-ano/?rand=48873