TAdviser and Microsoft study: 39% of Russian SMB companies faced targeted cyber attacks
According to a study by TAdviser and Microsoft conducted in the fall of 2019, 39% of small and medium-sized businesses faced targeted attacks over the past year. According to Positive Technologies, more than 50% of SMB companies rate the risk of an APT attack* as highly dangerous.
The joint survey by the TAdviser analytical center and Microsoft, "Cyber Security in the Russian Companies" [1]**, devoted to information security in the Russian small and medium business segment, showed that 76% of companies faced incidents in this area over the past year. At the same time, data from Positive Technologies*** show that more than half of respondents from SMB companies consider the risk of a targeted attack (APT) critical, and 80% of companies are not sure they are ready to withstand attacks of this kind.
Main attack channels and targets
Most respondents polled by TAdviser and Microsoft noted that e-mail (66%) and external Internet resources (63%) were the main threat channels, followed by external drives (18%) and messengers (10%). At the same time, 37% of respondents reported that money was the target of the attacks. Personal data came second (32%) and credentials third (31%).
Representatives of some companies reported the emergence of new types of threats connected with mobile applications and devices. However, ransomware was the most widespread attack method: it was named by 54% of respondents. DDoS came second (52%), followed by targeted attacks and phishing (39% each). In the poll, only 15% of companies reported that they suffered no damage from cyber attacks, having successfully repelled them.
The Positive Technologies study "APT attacks through the eyes of employees of Russian companies" confirms that business recognizes the risks of such attacks. As their result, SMB companies most often see information leaks (including, according to the Microsoft and TAdviser poll, because of insiders), destruction and substitution of data (32% and 23% respectively); in 22% of cases respondents named infrastructure downtime as a consequence of an attack, in 18% reputational damage, and 15% of respondents noted real financial loss.
Artem Sinitsyn, information security program manager at Microsoft for Central and Eastern Europe, commented on the results of the study:
"We note growing interest from cybercriminals in SMB companies; this is evidenced by the considerable share (39%) of targeted attacks. Company employees, at whom attacks using social engineering are directed, become the 'weak link'. Over 2018 the average monthly rate of such attacks grew 4.5 times. At the same time, we see that SMB companies have reached a certain level of maturity in their approaches to information security: they adequately assess the level of risk and the need to take effective measures. Companies are already actively transforming their business: 39% of respondents confirmed their readiness to support geographically dispersed teams, including using mobile devices outside the corporate network perimeter (24%). At this stage it is crucial to stay ahead of cybercriminals and to develop and apply a proactive cybersecurity strategy."
Protection methods
According to the TAdviser and Microsoft study, 48% of respondents consider regular cybersecurity training for personnel the most effective protection against cybercriminals, and 47% answered that the use of cryptographic protection tools will help avoid attacks. Another 40% named regular software updates as the best protection against threats, and 32% of respondents noted the need to use modern devices to minimize cybersecurity risks.
The Positive Technologies study shows that SMB companies in most cases already use standard protection tools: antivirus (85% of cases), IPS/IDS (43%), and web application firewalls (WAF) (37%). However, as threats grow, companies are also beginning to use technologies such as sandboxes and deep traffic analysis systems (network traffic analysis), at 33% and 20% respectively.
At the same time, specialized anti-APT solutions account for only 9%. Thus, the APT risk is taken quite seriously today (including in the SMB sector), but in practice the approach to security does not yet match the new threats from cybercriminals.
"The cyber security of the large and small business segments cannot be considered separately from each other. This year showed that cases in which a large target organization is attacked through a less protected partner (i.e. an SMB organization) have turned from isolated incidents into a trend. Therefore, the desire of large business to improve its security can logically lead to growing cybersecurity requirements for companies in the SMB market (for which the ability to withstand cyber attacks can become a competitive advantage)," explains Alexey Novikov, director of the Positive Technologies security expert center (PT Expert Security Center).
According to him, the key recommendations for improving an organization's security are correct configuration of technical protection tools, continuous collection and processing of security event data, traffic analysis and the search for suspicious activity in the infrastructure, as well as correct incident response and high-quality system recovery.
Notes
1. * - APT (advanced persistent threats): multi-stage, carefully planned and organized cyber attacks directed at a particular industry or at specific, usually large, companies. They are also called targeted attacks. To carry out such attacks, cybercriminals join criminal groups that are commonly called APT groups.
2. ** - The survey was conducted among representatives of 450 Russian SMB companies (16 to 250 employees inclusive), including heads of IT departments, heads of cybersecurity, heads of functional divisions, etc. Respondents represented various sectors of the economy: finance and insurance, e-commerce, retail, FMCG, industrial production, transport, power and housing and public utilities, etc.
3. *** - The assessment of the APT threat as seen by domestic business is based on a survey conducted among visitors to the Positive Technologies website, the audience of the SecurityLab.ru portal (one of the leaders of the Russian Internet in the field of network technologies of information security, with a monthly audience of about half a million people, most of whom are programmers, IT and cybersecurity specialists, and heads of the relevant divisions) and participants in a number of industry communities.