Cyberattacks can impact any organization, big or small. But large enterprises are often more tempting targets due to the vast amount of lucrative data they hold. A new report from cybersecurity firm Anomali reveals an increase in successful cyberattacks and offers ideas on how organizations can better protect themselves.
Published on Thursday, the “2022 Anomali Cybersecurity Insights Report” is based on a survey of 800 cybersecurity decision makers commissioned by Anomali and conducted by Harris between September 9 and October 13 of 2021. The survey elicited responses from professionals in the US, UK, Canada and other countries who work full time in such industries as manufacturing, telecommunications and financial services.
Among the respondents, 87% said that their organizations were victims of successful cyberattacks sometime over the past three years. In this case, a successful attack is one that caused damage, disruption or a data breach. Since the pandemic started almost two years ago, 83% of those polled have experienced an increase in attempted cyberattacks, while 87% have been hit with a rise in phishing emails, many of them exploiting coronavirus-related themes.
SEE: NIST Cybersecurity Framework: A cheat sheet for professionals (free PDF) (TechRepublic)
Ransomware has caused turmoil for many of the respondents, with more than half saying they’ve been impacted by this type of attack over the past three years. Some 39% of them said they paid the ransom. Among those, 58% paid somewhere between $100,000 and almost $1 million, while 7% shelled out $1 million or more.
Financial losses due to cyberattacks, phishing campaigns, and data breaches have surged, especially from 2019 to 2020. In 2019, some 15% of the organizations suffered losses of $500,000 or more. In 2020, that percentage almost doubled to 28%.
As cyberattacks have grown more sophisticated and effective, security has become a greater challenge. Only 49% of the respondents said they strongly agree that their security teams are able to prioritize threats based on trends, severity and possible impact. Even less (46%) said they strongly agree that their security technologies can evolve to detect known threats. Further, 32% strongly agree that their security teams struggle to keep up with the quickly changing nature of cyberthreats.
Detecting and recovering from an attack can take time. Those surveyed said that they take on average 3.6 days to detect known attacks that come from cybercriminal organizations, 3.5 days to detect those from individual hackers, 3.3 days for those from advanced persistent threats (APTs) and 2.9 days for those from nation states. Following the Solar Winds exploit in 2020, organizations took on average 2.9 days to respond and 3.1 days to recover.
SEE: What are mobile VPN apps and why you should be using them (TechRepublic Premium)
How are organizations trying to deal with the rise in cyberattacks? The survey uncovered several different ideas.
To better detect security issues with legacy systems, respondents are increasingly taking advantage of new technologies. Among those polled, 59% have employed threat intelligence, 48% are using extended detection and response (XDR) technologies and 43% rely on the MITRE ATT&CK Framework.
Some 78% of the security professionals said they’ve reassessed their cybersecurity strategy since the pandemic started, 74% reported that their security budgets have increased over the past year and 38% said that almost 40% of their overall IT budget is now geared toward cybersecurity.
Finally, the respondents were asked what factors they use to evaluate new security technologies. The factor considered the most essential as cited by 48% was the level of support available to users. Ease of use came in second, cited by 46% of those surveyed, while the ability to integrate with other security systems was the third most important factor, mentioned by 44%. The least important factors were return on investment with 33% and cost with 26%.
“This new research reveals that adversaries have not only stepped up the number of attacks they have started launching since COVID-19 first struck the world but have also greatly improved their success rates,” Anomali president Hugh Njemanze said in a press release. “We were encouraged to learn that many organizations are devoting more resources to cybersecurity and adopting new technologies to become more resilient. We were also deeply concerned over how difficult it is for them to detect and respond to attackers before and after they’ve made their way into networks.”