Cybersecurity specialist Secureworks is today releasing its Incident Response Insights Report.
The global report, which draws on real-world incidents, unearths some surprising truths about the cybersecurity landscape, including the most targeted industries and the preferred hacking tools used by cybercriminals. The report also homes in on the increasing complexity of nation state attacks.
Main research findings
- The top three industries most impacted by targeted cyber threats were manufacturing, technology, and government
- The average time it took to evict nation state attacks was 500% greater than the time to evict non-targeted threats, due to the often entrenched nature of adversaries plus the necessity to fully understand the extent of the threat actor’s capability and access
- On average, these targeted cyber threats remained undetected in an organisation’s IT networks for 380 days. In fact, incident responders frequently encountered threat actors that had access to compromised environments for months, sometimes even years
- Phishing continues to be hackers’ favorite method for gaining access to organisations. 40% of the incidents Secureworks responded to began with a phishing email
- Financially-motivated criminal activity far outweighs government-sponsored threat actors and insider threats, with 83% of attacks being financially motivated
- Compared to North America and the APJ region, organisations within EMEA adopted a far more reactive, rather than proactive, security approach to cyber threats
- When a threat actor becomes aware of an eviction attempt, it can quickly become a complex game of ‘cat and mouse’ with threat actors aiming to avoid the attention of the respond
Secureworks Incident Response
Secureworks Incident Responders log 250 billion events every day, and help hundreds of organisations navigate through complex and high-risk incidents. This report shares best practices and valuable lessons learned over the past year from real-world incidents, and unearths the risks, remedies, and best practices for defending against cyber threats.