Attackers fighting back against security teams while also targeting supply chains
According to the world’s leading IR professionals, increasingly sophisticated attacks involving instances of “island hopping,” counter incident response (IR), and lateral movement within a network are quickly becoming the new normal.
Carbon Black’s 100+ IR partners conducted more than 500 response engagements in 2018 and continue to use Carbon Black solutions in more than one engagement per day, on average. The insights from the Global Incident Response Threat Report chronicle Carbon Black partners’ experiences during these critical engagements.
Among the key findings from the report:
- Half of today’s surveyed attacks leverage “island hopping,” the report noted, meaning attackers are not only after a network, but supply chains as well
- More than half of survey respondents (56%) encountered instances of counter-incident response in the past 90 days
- 70% of all attacks now involve attempts at lateral movement, according to the survey results, as attackers take advantage of new vulnerabilities and native operating system tools to move around a network
- Nearly a third (31%) of targeted victims now experience destructive attacks, the survey noted — an alarming byproduct of attackers gaining better and more prolonged access to targets’ environments
“Attackers are fighting back. They appear to have no desire to leave the environment. And they don’t just want to rob you and those along your supply chain. In the parlance of the dark web, attackers these days appear to want to ‘own’ your entire system,” said Tom Kellermann, Carbon Black’s Chief Cybersecurity Officer.
According to the survey results, the financial and healthcare industries remain most vulnerable to destructive attacks, but the threat to manufacturing companies has grown significantly.
In the past 90 days, nearly 70% of all respondents saw attacks on the financial industry, followed by healthcare (61%) and manufacturing (59%, up from 41% in the previous report).