You’ve probably been hacked and haven’t yet realised.
Most companies take weeks to discover a security breach, whilst the time to compromise is almost always days or less, if not minutes or less concludes Verizon’s 2016 Data Breach Investigations Report. Companies that are hacked usually either find the attacker making a big song and dance about it with Ransomware and DDoS likely tools for diversions, and/or stay hidden whilst they identify and exfiltrate the valuable data they can get their hands on.
93% of cases where data was stolen, systems were compromised in minutes or less whilst in over 80% of cases, victims didn’t find the breach for weeks or more. (It’s important to remember that these statistics were taken prior to Yahoo’s disclosure that an estimated 500 million accounts were breached and it took them nearly 2 years to discover.)
Time is of the essence
To produce the report, Verizon analysed 64,199 incidents and 2,260 breaches collected by 67 organisations, discovering that more than 90% of breaches fall into the same patterns.
The figure below llustrates how quickly the attacker gets in and out of your network with large spikes driven by very specific threats. The compromise time of minutes is actually another reflection of the ubiquitous ‘Dridex’ breaches in this year’s dataset. These cases begin with a phish, featuring an attachment whose mission in its malware life is to steal credentials. If you have legitimate credentials, it doesn’t take a very long time to unlock the door, walk in and help yourself to what you want. Conversely, the exfiltration time being so weighted in the ‘days’ category is heavily representative of attacks against POS devices where malware is dropped to capture, package and execute scheduled exports.
Bryan Sartin (Managing director, Verizon RISK Team and joint author of the Verizon 2016 DBIR) commented:
“There’s no such thing as an impenetrable system, but often even a half-decent defense will deter many cybercriminals — they’ll move on and look for an easier target…Sadly, many organizations fail to achieve even that modest ambition.”
Infosec Partners can help
Concerned that your organisation isn’t prepared for a breach or worried that you might have been breached? We can help. From stress testing your security strategy and working with board level and executive leaders to strengthen the Cyber Culture of your organisation, to hands on the ground support in preparing your security ecosystem and responding to incidents. Infosec Partners are proven experts in full-spectrum cybersecurity and a team you can trust.
For your free consultation, complete the adjacent form or to speak with trusted advisor immediately call us on +44 (0)1256 893662.