Increase of Cyber Attacks on IT Managers
In its latest survey ‘The Impossible Puzzle of Cybersecurity’, Sophos states that the IT managers are been cyber attacked from all the possible directions and they are struggling to handle the issue. Lack of security expertise, budget, and advanced technology are the root cause for these attacks. The survey was conducted on 3,100 IT decision makers from midsized businesses in 12 countries across the globe.
Cyber attacks can be either targeted or untargeted. In targeted attacks, a particular individual is chosen out of special interest on their business or being paid to attack the victim. But untargeted attacks occur when the attackers randomly attack numerous devices, services and users. This could be done by either on a most familiar person or a complete stranger.
Sophos survey also reports one out of six IT managers had no clue they were breached. Among the total number of cyber attack victims, 54 percent were hit by phishing email, 39 percent was affected by ransomware and 48 percent has suffered data breaches. 91 percent of organizations were under cyber security protection while it was attacked. The organization are attacked in multiple ways, such as 33 percent via email, 30 percent through web, 23 percent by software vulnerabilities and 14 percent by using unauthorized external devices.
“Cybercriminals are evolving their attack methods and often use multiple payloads to maximize profits. Software exploits were the initial point of entry in 41 percent of incidents, but they were also used in some fashion in 35 percent of all attacks, demonstrating how exploits are used at multiple stages of the attack chain,” states Sunil Sharma, Managing Director Sales, Sophos India & SAARC. “Organizations that are only patching externally facing high-risk servers are left vulnerable internally and cybercriminals are taking advantage of this and other security lapses.”
Once the cyber attack has occurred, it’s difficult to handle and manage further attacks, thus organizations should implement crisis management plan, which can be deployed post the cyber attack to secure the network and reduce the further damage as this would help in recovery process. The organization can have specialized team of cyber security technicians, who could identify the source of attack and alert the customers about the data breaches occurred, and can work on the recovery process. The type of attack occurred, data stolen and the impact the company underwent, the organization could analyze these points and can reach to the cause of the cyber attack.
Once the type of attack is analyzed, the organization can take required measures to secure the network, to avoid any further attacks or damages, by operating offline, isolating particular network, or even blocking traffic to their network to avoid hacker’s further attack.
Read More News: