NSA breach prototypical insider attack, retail/ PoS breaches typical outsider attack
Most organisations cite privileged account takeover as the most difficult to tackle
WHISTLEBLOWER Edward Snowden’s (pic) revelations of spying by the US National Security Agency (NSA) has also affected security strategies in the corporate world, according to a survey by cybersecurity specialist CyberArk.
About 68% of businesses which responded to CyberArk’s 8th Annual Global Advanced Threat Landscape survey said that NSA breach and the number of retail/ point of sale (PoS) system breaches in the past year were the most impactful in terms of changing security strategies to protect against the latest threats.
The survey was developed through interviews with 373 C-level and IT security executives across North America, Europe and the Asia Pacific, CyberArk said in a statement.
The majority of organisations surveyed believe that attacks reaching the privileged account takeover stage are the most difficult to detect, respond to and remediate.
While the NSA breach is widely regarded as the prototypical insider-based attack, and the retail/ PoS breaches are regarded similarly for outside attacks, the critical link between both attacks was the compromise and exploitation of privileged credentials.
“Loss of IP (intellectual property) and competitive advantage, diminishing brand value, loss of customers and negative shareholder impact are just a few of the business impacts many organisations felt as a result of cyber-attacks this year,” said Adam Bosnian, CyberArk executive vice president.
“This year’s survey results demonstrate that whether it’s an insider like Edward Snowden, or an outside-based attack like the retail/ PoS breaches, attackers require the exploitation of insider credentials to successfully execute their attacks,” he added.
When asked which cyber-attacks or data breaches in the past year had the biggest impact on their business’ security strategy:
37% of respondents cited the NSA/ Edward Snowden breach;
31% of respondents cited retail/ PoS attacks; and
19% of respondents cited government-sponsored espionage.
As companies move to the cloud and streamline the supply chain by providing routine network access to third-parties, cyber-attackers are increasingly targeting these partners to steal and exploit their privileged access to the target company’s network.
This pathway was used in some of the most devastating breaches in the last 12 months. The survey found that:
60% of businesses now allow third-party vendors remote access to their internal networks; and
Of this group, 58% have no confidence that third-party vendors are securing and monitoring privileged access to their network.
Organisations continue to face sophisticated and determined attackers seeking to infiltrate networks, CyberArk said.
Many organisations face daily perimeter-oriented attacks, such as phishing, designed to give attackers a foothold to steal the privileged credentials of an employee to give them de facto insider status.
The survey found that:
52% of respondents believe that a cyber-attacker is currently on their network, or has been in the past year; and
44% believe that attacks that reach the privileged account takeover stage are the most difficult to detect, respond to and remediate; 29% believe it is the malware implantation stage.
Survey respondents stated that the following trends were the most impactful in terms of shaping and changing security strategies:
30% stated Bring Your Own Device (BYOD);
26% stated cloud computing;
21% stated regulatory compliance; and
16% stated the Internet of Things (IoT).
When asked whether their organisation had or was considering deploying security analytics, this year’s survey found that:
31% of businesses have already deployed security analytics in some form;
23% were planning on deploying security analytics in the next 12 months; and
33% had no plans to leverage security analytics.
To request a free copy of the full survey, go here.
Cloud adoption shaken by Snowden revelations: Survey
Year 1 AS: I hope we get more Snowdens
Govt malware, insider threats to dominate security landscape: CyberArk
Target: Learning from security breaches on POS systems
Mitigating security threats on POS systems
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.