A successful targeted attack against a large organization can cause 2.4 million dollars in damages, according to an international organizational threats survey by B2B International and Kaspersky Labs. Targeted attacks are among the most dangerous online threats, and their perpetrators usually have substantial resources and IT experience. The attacks usually target sensitive data and can lead to serious financial losses.
As to the exact scope of such losses, B2B International analysts determined that the average cost of a successful targeted attack is 2.4 million dollars. Of this, 2.17 million dollars is a direct result of the attack: the data loss, interruption of business, fees of legal experts and IT specialists who help assess the situation, and more. The rest of the expenses go towards defending against future attacks: hardware and software updates, hiring new security experts or training existing personnel.
The losses for medium and small organizations are much lower, $92,000 on average, but that's still a significant loss if you take into account the size and capabilities of the organizations. Out of that average loss, $72,000 goes towards dealing with the direct effects of the attack, while the other $20,000 is used to defend against similar attacks in the future.
Targeted attacks may be the most harmful financially, but they are not the only threat, or even the most common one. 9% of those surveyed were subjected to targeted attacks over the last year. A much higher percentage, 24%, were the subjects of attacks on their network infrastructure. This is the second most harmful type of attack, leading to 1.67 million dollars on average in financial losses for large organizations, and $73,000 for medium and small organizations. 19% of the companies had intentional leaks, with losses amounting to $984,000, or $51,000 for medium and small organizations. Attacks exploiting common software vulnerabilities cost $661,000, or $61,000 for medium and small organizations.
Targeted attacks are complex. Most require a long preparation period, during which the attackers search for vulnerabilities in the organization's IT infrastructure and look for the right tools. Antivirus alone can't stop this type of attack, although it can handle others. Organizational information security solutions utilizing proactive threat detection technologies can help protect against targeted attacks, and against other IT threats.
Kaspersky Endpoint Security for Business (KESB) is one of the organizational solutions available today. It includes automatic breach prevention technologies capable of identifying targeted attacks based on zero-day vulnerabilities. In addition, the whitelist module, working in tandem with other information security solutions and automatic updates, has been effective against targeted attacks, especially if a dangerous vulnerability is found in every piece of software on the organization's whitelist.
The technology for dynamic management of whitelists was tested and recommended by independent researchers, such as AV-TEST. Unlike other solutions using whitelists and blacklists, Kaspersky's solution works continuously with other parts of the solution. This leads to a high level of protection for the whitelist database, and for the organization's computers and workstations.