Member Article

Cybercriminals ramping up volume and sophistication of UK attacks

A new report released on Tuesday 5th February will reveal the stark truth that an overwhelming number of UK companies suffered cybersecurity breaches in 2018.

2018 saw Britain suffer several big IT breaches. Headline names such as Ticketmaster, BA, HSBC, TSB were all hit. But the new UK Threat Report from Carbon Black will highlight that almost every company in every sector in the UK is now being systematically targeted with ever more sophisticated attacks.
But Britain isn’t alone: this picture is very similar for businesses in many of the world’s leading industrialised nations including Germany, France, Italy, Canada, Japan, Singapore and Australia.

And separate analysis of over 15 million Carbon Black protected ‘endpoints’ has revealed each one suffered two attacks per month, on average. That means an organisation with 10,000 devices is being attacked around 660 times every day.

Adversaries continue to hold huge advantages of scale and funding, and are leveraging those to deadly effect. Many are now consistently taking a more strategic approach to infiltrating companies. A large number of attacks feature techniques including secondary command and control, counter incident response and island hopping.

So how are companies successfully fighting back?

They have clearly realised it’s no longer realistic to base their security strategy on reactive defence. The majority are now ‘threat hunting’, very actively testing their own defences to pre-empt attacks. The research will reveal that a significant number will report that their defences are stronger as a result. But is the scale of the challenge provoking a response among budget holders? And what are currently the most effective and destructive type of attacks - watering holes? Does ransomware still hold sway? How are supply-chain risks evolving? And are employees still an organisation’s weakest link?

Knowing where to allocate that budget is critical, Rick McElroy, Head of Security Stategy at Carbon Black explains. “Watering hole” tactics, whereby sites are compromised and malware pushed to site visitors were cited as the most effective and destructive but phishing attacks alone are still at the root of one in five successful breaches, proving the old adage that humans are still an organisation’s weakest security link.

This was posted in Bdaily's Members' News section by Broadcast Exchange .