Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Companies Scared, Unprepared for Onslaught of APTs

Report Indicates Many Organizations Not Adequately Prepared for Persistent APT Onslaught

Report Indicates Many Organizations Not Adequately Prepared for Persistent APT Onslaught

This summer, Dmitri Alperovitch, VP of Threat Research at McAfee, revealed the discoveries of a series of targeted intrusions into 70+ global organizations that took place over the last 5 years. Along with revealing the attacks dubbed “Operation Shady RAT”, Alperovitch commented, “I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised.”

APT AttacksSome criticized the specifics of Shady RAT and Alperovitch’s comments, dismissing them as marketing FUD (Fear, Uncertainty and Doubt) — but it appears many folks serving information security functions could be agreement with Alperovitch, at least in terms of the wide array of companies that could have experienced a breach.

Today, a report (paid) coming from The Enterprise Strategy Group revealed that a majority of mid-to-large U.S.-based corporations believe they have been the targets of sophisticated cyber attacks looking to steal sensitive data.

The report, which included responses 244 security professionals working at U.S. based organizations with more than more than 1,000 employees, revealed that 59 percent of respondents are “certain” or “fairly certain” that their organization has been the target of a previous APT attack. Additionally, 72 percent of organizations think they are a “highly likely” or “somewhat likely” target of future APT attacks.

Scared, Unprepared for APTs

Alarmingly, nearly one-third of the large organizations surveyed believe that they are vulnerable to future APTs, indicating that many organizations are ill prepared to protect against future attacks.

Additionally, 46% of large organizations that ESG categorized as “most prepared for APTs” (based upon their existing security policies, procedures, and technical safeguards) say they are vulnerable to future sophisticated attacks.

According to the report, 93% of security professionals working at enterprise organizations are either “extremely concerned” or “concerned” about APTs and the impact that APT attacks could have on vital U.S. interests such as national security and the economy.

Advertisement. Scroll to continue reading.

“Security professionals who understand the threat landscape best readily admit that their organizations are not only under attack but also vulnerable,” said Jon Oltsik, senior principal analyst at ESG and the primary author of the report. “Even more frightening, the companies that have already taken proper steps to secure their assets still believe they are vulnerable to APTs. If those organizations with strong cybersecurity policies are vulnerable to APT attacks, it’s safe to conclude that nearly all organizations are vulnerable.”

Just yesterday, Symantec uncovered a coordinated cyber-campaign designed to steal information from various companies across the world that hit many chemical and defense firms. Some of the attacks infected computers with the well-known PoisonIvy Trojan via email attachment sent to specific recipients in organizations that appeared to be meeting invitations from business partners.

“Virtually everyone is falling prey to these intrusions, regardless of whether they are the United Nations, a multinational Fortune 100 company, a small non-profit think-tank, a national Olympic team, or even an unfortunate computer security firm,” Alperovitch added during his revealing of Shady RAT. “I divide the entire set of Fortune Global 2000 firms into two categories: those that know they’ve been compromised and those that don’t yet know,” Alperovitch concluded.

Overall, the data presented in the ESG research report and other industry reports indicate that many organizations may not be adequately prepared for a persistent APT onslaught. ESG reminds us of the importance of security professionals to educate executive managers about APT risks, assess their existing security defenses, and bolster security analysis and forensic skills.

“Security professionals have the most knowledge about and experience with APTs. This group believes that APTs are real, unique, and extremely dangerous. It is imperative that business executives, IT managers, law enforcement officials, and legislators recognize the risks, accept this warning, understand what’s at stake, and begin to address cybersecurity weaknesses as soon as possible. The longer we delay, the more damage we will likely incur,” Oltsik concluded.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

DARPA veteran Dan Kaufman has joined Badge as SVP, AI and Cybersecurity.

Kelly Shortridge has been promoted to VP of Security Products at Fastly.

After the passing of Amit Yoran, Tenable has appointed Steve Vintz and Mark Thurmond as co-CEOs.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.