News

Carbon Black: 92% of businesses have been attacked in the last 12 months

Almost half have been targeted between three and four times in the period

12 Sep 2018

Almost all businesses have been subject to a cyber attack over the last 12 months, while 44% said they've been attacked between three and four times in that period according to a report by Carbon Black.

The company's Hacking, Escalating Attacks and The Role of Threat Hunting highlighted that 92% of businesses have been attacked in the last year. Almost all of these said there has been a notable increase in the number of times criminals attempt to break into their network infrastructure.

And threats are getting more sophisticated according to the 250 CIOs, CTOs and CISOs interviewed by the firm. 91% of respondents said threats were building in intensity and were becoming harder to manage, using advanced hacking techniques such as lateral movement, counter incident response and island hopping.

The company also noted that businesses are not implementing the basic defences against spear phishing, ransomware, commodity malware, crypto jacking and supply chain attacks, with employees still using weak passwords and businesses failing to update software when security holes are discovered.

When Carbon Black looked at the balance between the amount criminals are spending on developing the tools to strike businesses compared to how much businesses are spending on defences, it discovered a huge disparity. Hackers spend, on average, $1 trillion on developing cyber attack weapons every year, while businesses are only spending $96 billion.

"The stats clearly show that defenders are not keeping up with attackers' spending," said Tom Kellermann, Chief Cybersecurity Officer at Carbon Black. "The fact that 92% of UK companies have experienced a breach in the last year and nearly half have been breached multiple times is sobering. It's critical to educate UK businesses on the threats they face and how these threats can be mitigated."