Woburn, MA – May 26, 2022 — / BackupReview.info / — Research based on the analysis of incidents reported to customers of Kaspersky Managed Detection and Response (MDR) has revealed that the share of critical incidents experienced by organizations increased from one-in-ten (9%) in 2020, to one-in-seven (14%) in 2021.
Increasingly complex infrastructures, shortage of skilled professionals and a growing sophistication of attacks can all affect the efficiency of cybersecurity teams and their ability to identify adversarial activity before incidents happen. To provide insights on the current threat landscape, Kaspersky analyzed anonymized customer incidents identified via its MDR service in 2021.
According to the resulting report, organizations across all industries experienced high severity incidents during this period, with most verticals facing multiple types of attacks. The most frequent causes of critical incidents remained the same as the previous year, with the biggest share (40.7%) belonging to targeted attacks. Malware with critical impact was identified in 14% of cases, and less than 13% of high severity incidents were classified as exploitation of publicly exposed critical vulnerabilities. Social engineering also remained a relevant threat, accounting for almost 5.5% of incidents caused.
In 2021, targeted attacks were detected in each vertical represented in the research, except for education and mass media, even though there were reported incidents related to targeted attacks within media organizations. The largest number of human-driven attacks were detected in government, industrial, IT and financial verticals.
High severity incidents are distinguished by a wide use of living-off-the-land (LotL) binaries of a non-malicious nature that are already available in a targeted system. These tools allow cybercriminals to hide their activity and minimize the chances of being detected during the first stages of an attack. In addition to the widely used rundll32.exe, powershell.exe and cmd.exe, tools such as reg.exe, te.exe and certutil.exe are often used in critical incidents.
To better prepare against targeted attacks, organizations can employ services that conduct ethical offensive exercises. This type of activity simulates complex adversarial attacks to examine a company’s cyber-resilience. According to Kaspersky’s MDR analysts, this was only applied in 16% of organizations.
“The MDR report once again shows that sophisticated attacks are here to stay, and more and more organizations are facing critical incidents,” comments Sergey Soldatov, head of security operations center for Kaspersky. “One of the most pressing issues is that high severity incidents require more time to investigate and provide recommendations on remediation steps. Last year, Kaspersky analysts managed to significantly reduce this indicator from 52.6 minutes in 2020, to 41.4 minutes. This was achieved by adding more incident card templates, and the introduction of new telemetry enrichments that speed up triage.”
To protect your organization from advanced attacks, Kaspersky recommends the following:
The full Kaspersky Managed Detection and Response analytics report is available via this link — https://go.kaspersky.com/MDR_Report2021
About Kaspersky
Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com
Media Contact:
Cassandra Faro
Cassandra.Faro@Kaspersky.com
781-503-1812
Source: Kaspersky