Targeted Attacks' Success Continues to Worry Businesses: Survey
Nearly half of the companies polled are concerned that they will not get better at defending against sophisticated attacks.Targeted attacks aimed at stealing data from companies continue to worry information-security professionals, as limited resources and complex technology continued to hobble their efforts to defend against the so-called advanced persistent threats (APTs), according to a survey released Dec. 3. Companies discovered an average of nine successful targeted attacks in their networks in the past year and took an average of 225 days to detect the attacks, according to the survey of 755 IT and security professionals. Almost all the attacks incorporated malware and more than half used a phishing attack or other social engineering technique to compromise the network, according to the survey, published by the Ponemon Institute and funded by recent IBM acquisition Trusteer, an endpoint protection firm. Most telling, 63 percent of the polled professionals discovered the sophisticated attacks by accident. "Security folks see that this is an increasing problem, it is going to get worse, and they don't have the appropriate technologies nor budget to detect and fight these things," George Tubin, senior security strategist at Trusteer, told eWEEK.
Theft of data and trade secrets has become an increasing concern for security professionals, following a number of high-profile incidents in the past few years. In early 2010, Google announced that its network and those of more than two-dozen other companies had been breached by Chinese hackers using sophisticated attacks. The following year, security firm RSA revealed that attackers, also thought to be from China, had breached its systems, reportedly taking a database of secret codes that its SecurID technology used to generate pseudo-random keys.