According to a recent study from ThreatTrack Security, nearly 6 in 10 malware analysts at U.S. enterprises have investigated or addressed a data breach that was never disclosed by their company.
These results indicate that known data breaches may be significantly underreported and are putting customers and partners at risk. Moreover, according the survey, companies with more than 500 employees are even more likely to have had an unreported breach, with 66% of malware analysts with enterprises of that size reporting undisclosed data breaches.
The independent blind survey of 200 security professionals dealing with malware analysis within U.S. enterprises was conducted by Opinion Matters on behalf of ThreatTrack Security in October 2013.
“While it is discouraging that so many malware analysts are aware of data breaches that enterprises have not disclosed, it is no surprise that the breaches are occurring,” said ThreatTrack CEO Julian Waits, Sr. “Every day, malware becomes more sophisticated, and U.S. enterprises are constantly targeted for cyber espionage campaigns from overseas competitors and foreign governments. This study reveals that malware analysts are acutely aware of the threats they face, and while many of them report progress in their ability to combat cyber-attacks, they also point out deficiencies in resources and tools.”
Outmanned, Outgunned and Out of Time
Not surprisingly, 40% of respondents said that one of the most difficult aspects of defending their organization’s network was the fact that they don’t have enough highly-skilled security personnel on staff.
According to the company, malware analysts often spend their time “tackling easily avoidable malware infections originating at the highest levels of their organization.”
In the survey, malware analysts revealed a device used by a member of their senior leadership team had become infected with malware due to executives:
• Visiting a pornographic website (40%)
• Clicking on a malicious link in a phishing email (56%)
• Allowing a family member to use a company-owned device (45%)
• Installing a malicious mobile app (33%)
When asked to identify the most difficult aspects of defending their companies’ networks from advanced malware, 67% said the complexity of malware is a chief factor; 67% said the volume of malware attacks; and 58% cited the ineffectiveness of anti-malware solutions.
More than half (52%) of all malware analysts said it typically takes them more than 2 hours to analyze a new malware sample. Conversely, only 4% said they are capable of analyzing a new malware sample in less than an hour, with 35% saying they did not have access to an automated malware analysis solution.
The study asked also malware analysts for their opinions on government-sponsored cyber espionage. 37% of respondents said the U.S. is the country most adept at conducting cyber espionage. China was a close second at 33%.
Related Insights: Cloud-Based Sandboxing: An Elevated Approach to Network Security
Related Insights: I’m a Fortune 500 Company and I’ve Been Hacked