(MENAFN Press) Study Reveals Many Show no Cause for Concern
Dubai, United Arab Emirates
New research commissioned by Trend Micro in conjunction with Quocirca, shows that over 73% of public sector bodies said they had knowingly been victims of a targeted attack in the past with 38% saying these attacks had caused a significant impact on their organisation.
Trend Micro commissioned a survey of 300 organisations in a range of sectors and sizes in the UK, Germany and France to gain insight into a pernicious threat, which has now become a mainstream mode of attack for both cybercriminals and hacktivists.
Yet despite these experiences, over a third (35%) thought targeted attacks were not a cause for concern going forward. Given the increasingly large fines levied by the UK's Information Commissioner's Office for data breaches, and the negative publicity that comes as a result, failing to adequately prepare for such threats would appear to be a dangerous oversight.
"Governments are consistently among the top sectors targeted by advanced persistent threats and international espionage", said Rik Ferguson, VP of security research at Trend Micro. "To discover that those victims and potential victims see it as "no cause for concern" betrays a worrying lack of comprehension of the nature and breadth of attack technologies arrayed against them and little regard for their persistence or sophistication. Effective security begins with the acceptance that breach will happen but must be designed to collect immediate actionable intelligence to allow threats to be identified and contained within the smallest possible timeframe."
The research further shows that 45% of public sector respondents even admitted that their concerns over fines as a result of attack were increasing and 62% said reputational damage worried them.
Of equal concern is that public sector respondents were the least likely (15%) to deploy technology to prevent targeted attacks. Over 41% of them said that less than one tenth of the security budget would be spent on such tools going forward.
Typically, targeted attacks come in the form of threats which traditional security defences can't detect or stop. This is perhaps borne out by the fact that 68% of public sector respondents “ more than any other “ said they had found malware on their systems which current defences hadn't spotted.
Those public sector bodies interviewed on behalf of Trend Micro and Quocirca were among the most exposed of any sector to such sophisticated threats. 79% said they were regularly or occasionally hit by zero day malware over the past 12 months, 73% had been exposed to polymorphic malware, 79% by encrypted malware and 82% to social engineering attacks.
While not always an indication of a targeted attack, these threats do illustrate an increasingly sophisticated and persistent foe.