As organisations get better at detecting data breaches, hackers have become increasingly persistent, retargeting the firms they earlier broke into, US-based cyber security firm FireEye said. The financial services sector was seen to have the largest number of retargeted victims in 2018, particularly in the Asia-Pacific region, revealed the “FireEye 2019 Mandiant M-Trends Report”.
This trend is particularly relevant for the Indian market, given last year’s cyber attack incidents at Cosmos Bank and State Bank of Mauritius.
“I encourage Indian firms to reassess their security posture and determine whether they can quickly detect and respond to intrusions,” said Steve Ledzian, Vice President and APAC CTO, FireEye.
Global data from last year found that 64 per cent of all FireEye-managed detection and response customers were targeted again by the same or similarly motivated attack group — up from 56 per cent in 2017.
The Indian businesses must also determine whether “they know who is likely to attack them and how, and whether they have tested their security against human attackers in a red team scenario to try to spot weaknesses before their real world adversaries do,” Ledzian said in a statement.
In the meantime, organisations appear to be getting better at discovering breaches internally, rather than being notified by an outside source such as law enforcement.
“Over the past eight years, dwell times (information retrieval) have decreased significantly. The median dwell time across APAC was 204 days, indicating improvement over the previous year’s statistic of 498 days, but more comparable to the 172 days in 2016,” the report noted.
While organisations are detecting breaches faster, the fight against undetected compromises in the Asia Pacific region has not yet been won, said the report. “In 2018, we saw an increase in similarly motivated attack groups retargeting victim organisations and this trend is particularly significant in Asia Pacific,” the findings showed.