60 percent of organisations now actively 'threat hunting' to counter surge in cyber-attacks

News by Tom Reeve

The arms race between attackers and defenders looks set to grow as organisations match increasingly aggressive attackers with ever-greater cyber-security budgets, according to a survey from Carbon Black.

Nearly every organisation in the UK has been hit by sophisticated cyber-attacks in the past year, according to a report from Carbon Black.

A survey of 250 UK CIOs, CTOs and CISOs conducted by independent pollsters Opinion Matters found that 88 percent of organisations had suffered a breach in the past 12 months and 89 percent said that attacks had become more sophisticated.

This is the second quarterly survey of the UK threat landscape conducted by Carbon Black. The first was published in September.

The good news for the cyber-security industry is that 93 percent said they plan to increase overall spending on cyber-defence, an increase of six percentage points over the last report. Overall, 58 percent of organisations surveyed plan to increase their spending on cyber-defence by more than 20 percent. "This could hint at the start of a step change in security spending, as businesses get more realistic about the scale of the challenges they face," the report said.

Organisations are being breached on a regular basis, according to the report, and the incidence is increasing at a worrying pace. According to the survey, the average number of breaches suffered by the survey respondents rose from 3.48 to 3.67, a five percent increase between the first and second editions of the survey.

Nearly one in five organisations reported a 51 to 100 percent increase in the number of attacks while nine percent suffered increases of more than 100 percent, the report said.

Government and local authority organisations were hit the worst, with 100 percent of respondents in this sector saying they had been breached in the past year and suffering an average of 4.65 breaches in the period. Five percent of government organisations have seen an increase in cyber-attacks of 200 to 300 percent.

In the private sector, financial services were most likely to report being breached (98 percent).

According to Carbon Black’s 2019 Global Threat Report, which analysed attacks on the 15 million Carbon Black protected endpoints around the world, the average endpoint is attacked twice per month. This means an average organisation with 10,000 endpoints suffers an average of 660 attacks per day.

Carbon Black believes that organisations need to become more proactive in identifying potential attacks and urges CISOs to adopt a ‘threat hunting’ approach to cyber-security. Some 60 percent of organisations said they are now actively threat hunting, the report said, with 34.5 percent of these having started in just the past 12 months.

However, Carbon Black laments that 24 percent of organisations are not adopting this as a tactic, believing their present detection and response tactics are sufficient to engage the risk faced by their organisations.

Meanwhile, in a separate report, UK businesses were subject to a staggering average of 281,094 internet-borne cyber-attacks in 2018, a 23 percent increase on the previous year. That’s according to Beaming, an internet service provider for businesses which added that the figure surged in the final two months of 2018 to more than 1,500 attacks per day on average.

The targets for these attacks were IoT applications such as building management systems (BMS) and networked security cameras which taken together attracted an average of 489 attacks per day in the final quarter of 2018. File-sharing applications saw 277 attacks per day and databases 120 attacks per day, according to the figures from Beaming.

Sonia Blizzard, managing director of Beaming, said that as an ISP the company had good visibility on what was happening to customers. "We’ve seen a huge surge in criminal activity online in the final months of 2018. UK businesses were attacked at least once every two minutes last year, making it the worst year on record for cyber-attacks," she said.

And she added: "While there is plenty that we can do at a network level to minimise the threat of online attacks, businesses need to take cyber-security seriously and put in place multiple layers of protection to ensure they don’t expose their people, assets, customers and businesses partners to undue risk." 

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews