CISOs Getting Smart; But Cyber Criminals Are Smarter

by CXOtoday News Desk    Mar 15, 2017

Cyber threats

Organizations around the globe are becoming better at identifying breaches, according to a study by cybersecurity solution provider, FireEye, which observed that privately organized cyber criminals are closing the capability gap with nation-state actors, launching more sophisticated attacks that are more difficult to trace, according to a new analysis released by cybersecurity firm FireEye. 

“When it comes to attack trends, we are seeing a much higher degree of sophistication than ever before. While nation-states continue to set a high bar for sophisticated cyber attacks, some financial threat actors have caught up to the point where we no longer see the line separating the two,” the research says, referring to hackers that target financial information to make money. [Read the full report here]

“Financial attackers have improved their tactics, techniques and procedures (TTPs) to the point where they have become difficult to detect and challenging to investigate and remediate,” the firm’s M-Trends 2017 report released this week.

The research was produced by Mandiant, a subsidiary of FireEye that came to the limelight in 2013 for releasing a report implicating China in espionage against the United States. FireEye purchased the computer forensics company in 2014 for about $1 billon.

The survey found an unexpected trend in 2016, where attackers called targets on the phone. They did this to convince victims to enable macros in a phishing document, or to get targets to provide a personal email address in order to circumvent controls protecting corporate accounts.

The study highlights that the defensive capabilities have been slow to evolve. A majority of both victim organizations and those working diligently on defensive improvements are still lacking fundamental security controls and capabilities to either prevent breaches or to minimize the damages and consequences of an inevitable compromise.

“The types of attacks we are seeing are familiar, but with increasing sophistication. Determined attackers are extremely persistent and demonstrate increasing ingenuity in achieving their objectives. Organizations still need to focus on the fundamentals of IT Security,” said Chris Nutt, Managing Director, Mandiant, FireEye.

On a positive note however, the study shows that the global median time from compromise to discovery has dropped significantly from 146 days in 2015 to 79.5 days in 2016. There is a much higher degree of sophistication from attackers than ever before. Financial attackers have improved their tactics, techniques and procedures to the point where they have become difficult to detect and challenging to investigate and remediate, highlights the study.

Nonetheless, the researchers recommend that organizations adopt a posture of continuous cyber security, risk evaluation and adaptive defense or they risk having significant gaps in both fundamental security controls and – more critically – visibility and detection of targeted attacks.