How Statistics Tell the Story of an Endpoint Attack

How Statistics Tell the Story of an Endpoint Attack

How do statistics tell the story of a typical endpoint attack? Moreover, how can you use this knowledge to protect your enterprise and users from external threat actors?

Hackers constantly evolve their tactics and malware programs to subvert and circumvent cybersecurity protections. However, at the same time, hackers tend to use the techniques that work on a majority of victims. Unfortunately, businesses don’t take cybersecurity seriously or improve past legacy solutions, so hackers can just keep the same malware strategies. 

So how do external threat actors perform an endpoint attack? Here’s what you need to know. 

 

How Statistics Tell the Story of an Endpoint Attack

Small and Mid-Sized Businesses at Risk 

According to Hiscox’s Cyber Readiness Report 2019, attacks on small to mid-sized businesses continue to increase year-over-year. 47 percent of smaller businesses and 63 percent of mid-sized businesses suffer from cyber-attacks.  

Why does this statistic matter to your business? It reveals that every business regardless of size and industry is at risk. Smaller businesses often believe that hackers won’t target them because of their size and relatively minor importance. Therefore, SMBs neglect to perform the basic maintenance of their cybersecurity and endpoint security, including replacing legacy systems and patching. 

Hackers do not care about size, only about the ease of entry and the profit they can make. If you don’t already have one, you need a next-generation solution before hackers attack. 

An Endpoint Attack Starts With Phishing

According to the IBM Cost of a Data Breach Report, 90 percent of cyber attacks begin with a phishing attack. In fact, it is easy to see why hackers constantly come back to this well:

  • Every user has email access. 
  • All businesses use emails as one of the primary means of external communications. 
  • Users often blindly trust emails that appear to come from recognized sources. 

Taken together, email represents one of the largest attack vectors shared among enterprises. A single phishing attack, once successful, can infiltrate an entire network without raising suspicion until far too late. Therefore, you need the capabilities to repel these attacks. 

First, you need to raise the cybersecurity awareness of all your employees. Common suggestions include:

  • Unless you are expecting an attachment, do not open attachments in emails even from recognized sources. 
  • If suspicious of an email from an external institution or business, call the business to confirm. Do not use the phone number given in the email, and do not reply to the email. 
  • Similarly, if an email asks you to verify your account or payment information, do so by going to the website independently. Do not follow or click links in the email. 

Otherwise, you need the right capabilities to stop phishing attacks. This includes deploying email security to block as many suspicious or known malicious emails from reaching inboxes as possible. Additionally, capabilities which help prevent malware from lateral movement such as application control can help mitigate endpoint attacks early on. 

The Faster Found, the Less the Damage

Also according to IBM Cost of a Data Breach Report, it took organizations an average of 280 days to identify and contain a breach. 

A common rule of thumb in cybersecurity is this: the longer an attack persists, the more it costs. So an endpoint attack of average length might prove very expensive indeed; IBM finds that the average cost of a breach is close to $4 million. 

Therefore your business must work to reduce the dwell time of attackers. Endpoint Detection and Response (EDR) can help with that. It functions as a threat detection and alert tool to find threats dwelling in devices and prompt investigations. With a faster threat investigation and response time, your enterprise can catch hackers before they inflict serious damage. 

You can learn more about how to deflect an endpoint attack in our Buyer’s Guide

 

Follow me

Ben Canner

Editor, Cybersecurity at Solutions Review
Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner
Follow me