Most cyber intrusions lead to follow-up attacks


By Dylan Bushell-Embling
Friday, 11 December, 2020
Most cyber intrusions lead to follow-up attacks

More than two-thirds of organisations that fell victim to an intrusion in 2020 experienced an additional intrusion attempt, according to the latest annual CrowdStrike Services Cyber Front Lines Report.

Based on an analysis of CrowdStrike’s global incident response and proactive services teams in 2020, the report found that intrusions are no longer a one-time event.

Among customers who had experienced an intrusion before leveraging CrowdStrike to manage their endpoint protection efforts, 68% experienced another intrusion attempt, which was prevented.

Meanwhile, the report found that misconfigured security software leaves organisations exposed. In at least 30% of incident response engagements, CrowdStrike found that the target organisation’s antivirus solutions were either incorrectly configured with weak prevention settings or not fully deployed across the environment.

Antivirus protection also failed to prevent an intrusion in 40% of incidents, in which either malware was undetected or a portion of the attack sequence was missed by antivirus tools.

The report also found a “staggering increase” in the volume and velocity of financially motivated attacks as many organisations were forced to rapidly adapt to remote work during COVID-19.

Of these, 81% involved the deployment of ransomware, while only 19% included e-crime attacks such as point-of-sale intrusions, e-commerce website attacks, business email compromise and cryptocurrency mining.

“Remote work has redefined the playing field between cyber attackers and defenders, and that’s clearly demonstrated in the CrowdStrike Services Cyber Front Lines Report. Corporate networks now span both office and home, providing a wealth of new attack surfaces and vectors that adversaries can exploit,” CrowdStrike Services CSO and President Shawn Henry said.

“Holistic coordination and continued vigilance are key in detecting and stopping sophisticated intrusions. Because of this, we’re seeing a necessary shift from one-off emergency engagements to continuous monitoring and response.”

Image credit: ©stock.adobe.com/au/ArtemSam

Related News

Research reveals growing distrust of threat detection tools

A report by Vectra AI finds 48% of ANZ SOC practitioners say security vendors flood them with...

Obsidian Security opens Sydney data centre

Obsidian Security has established a data centre footprint in Australia to help bolster its...

Orro launches managed observability service

Orro says its new managed observability service can help Australian organisations rapidly...

Content from other channels on our network

Quantum computing experts conquer entanglement challenge in silicon chips

"Dualtronic" chip for integrated electronics and photonics

Researchers illuminate inner workings of new-age soft semiconductors

Flourine-free binder, electrolyte for greener batteries

An intro to the software-defined car

Surf Life Saving comms to be explored at Comms Connect Melbourne

Sphere Drones to aid NSW National Parks and Wildlife Service

Drone-based powerline inspection protects grid health

Hytera Unveils S Series Two-Way Radios for Small and Midsize Businesses

Introducing the Simoco SDx600: A New Era in Public Safety Communications

New service aims to shield solar panels from hail

Safely guiding cables for pick-and-place robots

Electricity sector jobs forecast to double by 2029

TMPW Series: Traco Power's Compact and Reliable Power Solutions, Available at TME

Electric shock leads to $40K fine

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd