Key Findings: The Carbon Black Quarterly Incident Response Threat Report (QIRTR) November 2018
With the end of Q4 2018, and the beginning of 2019, approaching rapidly endpoint security solution provider Carbon Black has released the latest iteration of their Quarterly Incident Response Threat Report (QIRTR). The November 2018 QIRTR was written with the upcoming U.S. elections in mind; however, there is still plenty for non-political enterprises to unpack and incorporate into their endpoint protection strategies.
Among the key takeaways from the November 2018 QIRTR is the increase in nation-state attacks and the new cyber attack tactics being employed. Nation-state hackers are now looking to destroy rather than steal, causing network outages and data deletion.
In the words of Tom Kellerman, Carbon Black’s Chief Cybersecurity Officer: “These attackers aren’t just committing simple burglary or even home invasion — they’re arsonists.” Indeed, Carbon Black found 32% of cyber attack victims suffered a destructive attack rather than a theft-based attack—an increasing percentage.
Other keying findings from the Carbon Black Quarterly Incident Response Threat Report (QIRTR) November 2018 include:
- Over half of incident response firms encountered attempts of a counter-incident response.
- 50% of cyber attacks utilize “island hopping” tactics—infiltrating one enterprise to leapfrog into their actual target.
- 38% of incident response professionals noted attacks on enterprise IoT devices, which can be used in island hopping attacks.
- The financial industry is still the most targeted by hackers.
- Only 5% of all cyber attacks are prosecuted.
Compounding these issues, many enterprises still lack an on-staff security expert, endpoint protection platform, or network visibility.
You can read the full Carbon Black Quarterly Incident Response Threat Report (QIRTR) November 2018 here.