74% organizations think they will be hit by an APT in the near future

Pierluigi Paganini October 22, 2015

The ISACA study “2015 Advanced Persistent Threat Awareness-Third Annual” tries to uncover information security professionals’ understanding of APT threats.

A new report published by the ISACA organization that surveyed more than 660 cyber security professionals reveals that more than one in four organizations (28%) have already suffered an APT attack.

ATP attacks report ISACA

According to the experts, the BYOD is increasing the APT risks and the large use of mobile devices is dramatically increasing the surface of attack of the companies.

Another element of concern are the third-party relationships that could be exploited by attackers to hit the companies. In many cases, APT targeted contractors and business partners in order to this a firm because they a worse security posture.

“Advanced persistent threats have become the norm. Many major breaches are connected to APT tools and methodologies,” said Christos Dimitriadis, international president of ISACA. “As a result, it is more critical than ever for cybersecurity leaders and professionals to have a thorough understanding of these threats, and to be prepared to quickly and effectively respond.”

75% respondents report that their organizations have not updated their third-party agreements to improve the resilience to APT attacks.

Overall, more than 67 percent of the 2015 respondents believe that their organization is prepared to respond to APT attacks to some degree, in 2014 the percentage was 74 percent.

Another sore point is the lack of attention in the training of staff, companies invest more in technical controls that training and education of its employees, this many expose the organization to social engineering attacks that is one of the most effective attack technique used by APT groups.
Most of the attacks start with spear phishing and watering hole attacks, it is very common to compromise targeted organizations by serving malware via email or through exploit kit hosted on bogus websites.

“Social engineering remains at the center of APT activity to gain footholds into information systems. Early efforts began with phishing, then evolved to spear phishing, and proceeded on to whaling, which often included an attachment or a link that contained malware or an exploit. However, over the past three years APTs have moved on to the Internet as the main attack vector (e.g., web sites, social media and mobile applications)” states the report.

The report highlights the increasing use of social media and mobile apps to spread the infection.

The report also revealed a positive evolution in the approach to cyber security of the organizations, the most important sign is the commitment of executives. 62 percent of interviewed confirmed that their organizational senior management is becoming more sensitive to cybersecurity issues.

This improvement can also be attributed to the increased level of awareness of APTs, probably due to the numerous APT attacks uncovered by security firms in the recent years.

Pierluigi Paganini

(Security Affairs – APT, cybercrime)

you might also like

leave a comment