New data from security vendor CrowdStrike shows that the bad guys are getting better at avoiding detection and are having a substantial financial impact on operations.
One factor that determines just how “bad” an attack can be is the scope of its’ impact. If a data breach results in the theft of just 50 records versus 50 million records, it’s not considered a major attack, right.
But when business is disrupted by cyberattack, the scope of such an attack can’t be anticipated and, in some cases, may be very difficult to calculate until well after the attack has been discovered and mitigated.
According to CrowdStrike’s 2020 Services Cyber Front Lines Report, 35 percent of attacks resulted in business disruption. This dominates over data theft (25%) and monetary loss (10%). One factor benefitting attackers is their ability to dwell on a network undetected. According to the report, the average number of days undetected in 2019 was 95 days – a 12% increase over 2018! With more time to move around the network, learning about what applications are used, where data is stored, and what accounts provide access, attackers gain the upper hand in planning an executing an attack that does the most damage.
Typically done as part of a ransomware attack, business disruption helps increase the likelihood that a ransom will be paid. So, it behooves an attacker to ensure their ransomware’s reach is as great as is possible across your network.
The single largest initial attack vector, according to CrowdStrike, remains spearphishing – representing 35% of all attacks in 2019. This fact alone means that, despite putting layered security solutions in place, attacks are making all the way to the user’s Inbox. Users need to become a part of your organization’s security stance by putting them through Security Awareness Training where they learn about attack types, methods, scams, and more, so that they won’t fall prey to an attack.