Cyber attacks now longer than ever
Cyber attacks have reached a tipping point in terms of quantity, length, complexity and targets. As cyber threats are growing and expanding to new targets, 52% of respondents to a report by Radware, reveal they can effectively fight an around-the-clock campaign for only a day or less.
“It would not be a surprise to see double the number of attacks occurring in the next 12 months and companies need to stay vigilant. Attacks are becoming far more sophisticated. Staying abreast of the changes in attack patterns, objectives and execution is something that must remain ‘on’ at all times,” says Ron Winward, director of network engineering at ServerCentral, a respondent of the report.
Key findings:
A watershed year: From a cyber attack perspective, 2014 has been a watershed year for a number of industries, including electric and power, healthcare, financial services. Attacks are rife with great complexity and zeal and require sophisticated solutions to solve the complexity of the threat. Attackers have adapted to multiple mechanisms of cyber-defense employed by organizations, fighting back with multiple techniques in a single attack.
Constant attacks on the rise: 19 percent of the major attacks reported are considered “constant” by the targeted organization. In past years (2013, 2012 and 2011), organizations have reported many weeklong and even month-long attacks—but never have more than 6 percent reported experiencing constant attacks.
New point of failure in DDoS attacks: Previous years has shown DDoS attacks directed to the server or firewall. However, due to an increase in UDP attacks, the Internet pipe has been regarded as the number-one failure point in 2014.
Hybrid security solutions gaining ground: More than a third of respondents (36%) indicated that they have employed hybrid solutions to help gain ground against attacks, combining on-premise equipment with cloud solutions. Nearly half of responses (48%) suggest that they will employ a hybrid solution by 2015.
Executive insights: A qualitative study and exploration of the most pressing problems and persistent challenges that can cause a loss of sleep with executives in the C-Suite. Responses from CIOs, CISOs and VP-level executives within billion-dollar enterprises and best security measures they have implemented over the past 12-months.
“As both reputation loss and revenue loss from a cyber-attack is a major concern of respondents in our report, it is no surprise that three-quarters of executives stated that security threats are now a CEO or board-level concern,” says Carl Herberger, vice president of security solutions for Radware. “More than half of respondents reported changes to their security process, protocols, and/or mandates in response to security threats, with more than a third indicating the use of a hybrid solution of on-premise and cloud solutions to protect against attacks.”