Findings from a new report by Palo Alto Networks and the Ponemon Institute have revealed a fascinating insight into what motivates cyber-criminals to do what they do and how organizations can harden their defenses against them.
Although ‘Flipping the Economics of Attacks’ found money to be a significant incentive for a large proportion (67%) of cyber-criminality, attackers in the UK ‘earn’ an average of just £8600 from one successful attack. Whilst this is approximately £2000 less than their German (£10,400) and US (£10,900) counterparts, the findings revealed an interesting closeness in results across different countries.
In an email to Infosecurity, Palo Alto Networks said:
“As this is a survey, the respondents are reflecting their own marketplace. What was actually quite interesting was the closeness in the figures from across the various countries.” While UK respondents declared slightly lower profits they were “still very similar to the responses from Germany and the US, and this evidence points more to the global nature of cyber-threats.”
The average adversary makes just over £20,000 per year whilst a cybersecurity professional can earn up to four times that much. Of course, it is inevitable that some attackers will see greater returns from their criminality than others, but clearly the idea of cyber-hackers getting their ‘big pay out’ and living the millionaire lifestyle is something of a myth.
What is a far more realistic reflection of the mentality of cybercriminals is their opportunistic nature, which is highlighted in the report. By and large, attackers are looking for easy targets which they can breach quickly for realistic economic gains. More than half (54%) of UK respondents admitted that it takes less than 24 hours for an experienced criminal to plan and carry out an attack against an organization with a ‘typical’ IT security structure, and 50% said this time-frame had decreased over the last two years.
However, the same research also revealed that if the time it takes to complete a breach were to increase by just 40 hours, a company would not only buy itself invaluable time to safeguard its sensitive and confidential information, but 60% of attackers would be deterred and divert their attention to another target. This significant finding is a call to arms for organizations to continually take active measures to assess the effectiveness of their security structure and always be prepared to invest in appropriate technologies that can slow, and ultimately stop, cyber-attacks.
Quentyn Taylor, Director of EMEA Information Security, Canon, told Infosecurity that businesses can successfully thwart the progress of a cyber-attack by focusing on the basics of IT security.
“Too many times vendors talk about advanced threats yet when you look at underlying vectors behind many attacks they seem to predominately have simple roots,” he explained. “If there was one single approach that can delay a successful attack it is to raise the initial bar as this may put off the less sophisticated attacker.”
“If you look specifically at a single company upping their game, whilst others remain easier targets, the results for the company taking action can be significant.”
However, Quentyn suggested that simply ‘slowing’ cyber-criminals is not enough, and that all the time “there is profit to be made; crime will flourish no matter what the medium.”
“The main point is to change the paradigm” so that “cybercrime becomes less profitable.”
With cyber-criminals posing constant privacy threats, security should be at the forefront of an organization’s IT infrastructure. By adopting a prevention-first approach, companies can harden their defenses, and an excellent infrastructure can make it economically unviable for an attacker to target a business.
The report suggests there is strength in numbers, with the most effective strategy for preventing attacks being the sharing of threat intelligence. Of all the security technologies available to a company, 52% of UK respondents said sharing information was the most likely to stop a cyber-criminal from carrying out a successful breach.
What is clear from ‘Flipping the Economics of Attacks’ is that there is more to building a strong, effective security infrastructure than merely focusing on technological solutions to the prevalent issue of cyber-security. An organization must consider the profit-based motivation that drives hackers and take heed of the simple fact that the longer an attack takes to carry out, the less likely it is to be successful.