With any doubt, security is one of the biggest concerns of organizations all over the globe and it is getting harder and harder for companies to detect security breaches because of the advanced nature of cyber attacks. According to a report by FireEye, it takes 205 days on average to detect a data breach. The report also revealed that almost 70% of the organizations were notified by data breach by a 3rd party while 30% of organizations detected data breach by themselves.
Amazingly the average was 243 days in 2012 that dropped to 229 in 2013 and then 205 in 2014. Though this seems like a progress but actually this change is ignorable considering the fact hackers are now even more powerful than ever and they need less time to get unauthorized access to the data and critical information. On the other hand, a majority of phishing attacks were made on people related to IT or security firms. Attackers sent messages to the victims like they were coming from the IT department of victims’ company.
Though average number of days has been reduced but expectedly the number of cyber attacks has increased significantly in last couple of months and attackers are aiming customers in USA mostly. Retailers experienced almost 14% of cyber attacks which is 10% more than the previous year while businesses and services experienced 17% of cyber attacks. According to industry experts, web applications and virtualized applications are the main target of cyber criminals and this sector is facing hard time in particular.
Attackers try to get access to the system and then they try to access systems with more privileges and administrative access. According to the Mandiant report, almost all of the cyber attacks that were made in previous year have one thing in common; they all were made by exploiting the security loophole in remote access. Remote access requires authentication using user name and password, obviously two-factor authentication is a must needed feature in this current environment to protect organizations from unauthorized access.
Interestingly Europay MasterCard and Visa standard is less vulnerable than other payment methods available today; hopefully USA will get this payment method this year, retailers are hoping this payment method will make them secure to cyber attacks. Though security firms have been trying to adopt even more powerful features and security systems but this report clearly indicates the number of attacks will spike in upcoming years regardless the average time of data breach detection.
Remote access is one of the major reasons behind these attacks while VPN is also a big concern when it comes to security. Hackers find it easier than any other technique to get unauthorized access using VPN and by pretending to be a legitimate user. Recently Kaspersky Lab which is a well known security firm based in Russia, published a report revealing the facts about biggest cyber heist in the history in which hackers stole more than $1 billion from more than 100 banks in 30 countries including USA, Russia and some European countries. Obviously those financial institutes were unable to detect those attacks for months that allowed attackers to continue.