Rudimentary attacks, such as intrusion attempts, information gathering, and policy violations pose the greatest risk to midsized organisations, according to a recent cyber threat report by E Sentire, Inc., one of the largest pure-play Managed Detection and Response (MDR) providers. Produced by E Sentire’s Threat Intelligence team, the “2016 Midmarket Threat Summary Report” provides an overview of the cyber threats investigated by the E Sentire Security Operations Center (SOC) in 2016. The report addresses three key areas: threat types, threat volume, and attack types. The analytical assessment includes visual data analysis, written analytical evaluations, practical recommendations, and key analytical assumptions, providing threat perspective for business leaders in small and midsize enterprises, and actionable takeaways to help leaders strategically reduce the risk of cyber attacks.
“In 2016, the E Sentire SOC detected almost 5 million attacks across hundreds of primarily small to medium organisations, spanning multiple industries,” said Viktors Engelbrehts, director of threat intelligence at E Sentire. “Cyber criminals are attracted to easy targets because they are low risk, high reward, and require little effort to execute. However, available evidence suggests that the majority of opportunistic cyber attacks against mid-sized businesses can be prevented by applying basic best practice security principles.”
The findings showed that March to April and September to October were the most intense periods of threat events throughout the year, with March being the most active month, and June to July being the least active. The most often observed threat categories were intrusion attempts, information gathering, and policy violations, representing 63% of all observed attacks. Intrusion attempts (primarily web attacks) was the top-ranking threat category, representing almost 30% of all observed events.
Web-based attacks and network scanning continue to increase as widely adapted automated tools allow a hands-off approach by threat actors. The report concludes that rudimentary attacks pose the greatest risk – cyber criminals are moving away from sophisticated malicious code attacks, with the majority of attackers preferring inexpensive and automated methods of intrusions, exploiting ‘low hanging fruit’ (representing almost 30% of all observed events). This trend is expected to continue so long as these techniques are successful. Also every organisation is a target – with easier access than ever before to simple and automated tools, cyber criminals can quickly and easily stage attacks against every business.
