243 Days to Discover Attack

Monday, March 18, 2013 @ 05:03 PM gHale


Almost 66 percent of organizations learn about a breach after hearing about it from an external source, a new report said.

While companies are getting better at identifying targeted attacks on their own, it takes a company, on average, 243 days before discovering an attack, during which the criminals can freely roam their networks, according to the “M-Trends 2013: Attack the Security Gap” study from security firm Mandiant.

The report focuses on advanced persistent threats (APTs) which attackers use penetrate organizations and steal sensitive information. That number, though, dropped by 173 days compared to the previous year.

RELATED STORIES
New Wave: Risk-Based Security
Survey: Database Security too Complex
Stolen Corporate Data at Highest Levels
Mobile Number Harvesting Tool

It’s interesting to note the use of outsourced service providers is also problematic for cyber security. Attackers are taking advantage of the relationship between the targeted company and outsourced business processes such as finance, accounting and HR.

To make their attacks more efficient, cybercriminals collect large quantities of data related to system administration guides, processing methodologies and network infrastructure. This allows them to navigate their victims’ networks faster.

While China always stands accused of cyber spying on the U.S., Mandiant did say the top three industries repeatedly targeted by the country are aerospace, energy and pharmaceuticals.

“We’ve seen first-hand that a sophisticated attacker can breach any network given enough time and determination,” said Grady Summers, vice president at Mandiant.

“It’s not enough for companies to ask ‘Are we secure?’ They need to be asking ‘How do we know we’re not compromised today? How would we know? What would we do about it if we were?’”



Leave a Reply

You must be logged in to post a comment.