Home Business At least one in two companies found malware on their network

At least one in two companies found malware on their network

Al menos una de cada dos empresas encontró software malicioso en su red

According to the recent report of Kaspersky Incident Response Analytics51.9% of organizations surveyed in 2021 found ransomware on their networks, a significant increase compared to 2020 when the figure was 34%.

The report also revealed that More than half (53.6%) of cyberattacks in 2021 started by exploiting vulnerabilities in outdated software.

Faced with these security difficulties in companies, Kaspersky offers simple solutions to reduce the chances of an attack and prevent an incident before it occurs.

When attackers plan their campaigns, they often look for an easy entry point, such as public servers with known vulnerabilities, accounts with weak passwords, malicious emails, or accounts with stolen credentials (compromised accounts). Year after year, these initial access vectors have given rise to a growing number of high-severity cybersecurity incidents.

The analysis of anonymous incident response case datas handled by Kaspersky’s Global Emergency Response Team (GERT) demonstrates that the exploitation of public applications, accessible both from the internal network and from the Internet, has become the most widely used initial vector to penetrate the perimeter] of an organization.

The share of this method as an initial attack vector increased from 31.5% in 2020 to 53.6% in 2021, while use of compromised accounts and malicious emails decreased from 31.6% to 17.9% and from 23.7% to 14.3%, respectively.

This change is likely related to vulnerabilities discovered in Microsoft Exchange serversand last year. The ubiquity of this mail service and the public availability of exploits for these vulnerabilities have resulted in a large number of related incidents.

Another aspect evaluated by the report shows how the file encryptionone of the types of most common ransomware that deprives organizations of access to their data, remains the number one issue facing businesses for three years in a row. Additionally, the number of organizations that found this type of malware on their networks increased significantly over the observed period (from 34% in 2019 to 51.9% in 2021). Another alarming aspect is that in more than half of the cases (62.5%), the attackers spend more than a month inside the network before encrypting the data.

the adversaries they manage to go unnoticedIt’s within an infrastructure in large part because they use legitimate operating system tools, known offensive tools, and the use of commercial frameworks, all of which are involved in 40% of all incidents.

After the initial penetration into the network, attackers use legitimate tools for different purposes: PowerShell to collect data, Mimikatz to escalate privileges, PsExec to execute commands remotely, or frameworks like Cobalt Strike for all stages of the attack.

“Our report shows that a proper patch management policy alone can reduce the probability of a successful attack by 50%. This once again confirms the need for basic cybersecurity measures. At the same time, even the most complete implementation of such measures cannot guarantee uncompromising defense”, he comments Konstantin Sapronov, Head of the Global Emergency Response Team at Kaspersky.

 “Since adversaries resort to various malicious methods, the best way to protect your organization is by using tools and approaches that allow you to detect and stop adversary action throughout the different stages of an attack.”.

To minimize the impact of an attack in the event of an emergency, Kaspersky recommends:

  • Continuously train your incident response team to retain their expertise and keep them up to date with the changing threat landscape
  • Implement strict security programs for applications with personally identifiable information
  • Use a detection and response solution to endpoints with a Detection and Managed Response service to detect and react to attacks in a timely manner, among other features
  • Know the profiles of the adversaries that target your industry and region to prioritize the development of security operations
  • Back up your data so you can access crucial files in the event of a ransomware attack and use solutions capable of blocking any attempts to encrypt your data
  • Work with a trusted partner from incident response retention to address incidents with fast service level agreements (SLAs)

 

Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s security and threat intelligence expertise is constantly being transformed into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the world. The company’s broad security portfolio includes protection from endpoints leader and a series of specialized security solutions and services to combat the most advanced and evolving digital threats. More than 400 million users are protected by Kaspersky technologies and we help 240,000 corporate customers protect what they value most.

 

No Comments

Leave A Reply

Please enter your comment!
Please enter your name here

Exit mobile version