Security Staff Feel Largely Unprepared for Cyber-Espionage and APTs

A survey revealed that 52% are “not confident” that that their IT staff could detect the presence of an attacker attempting to breach their network or extract private data
A survey revealed that 52% are “not confident” that that their IT staff could detect the presence of an attacker attempting to breach their network or extract private data

A survey of senior IT security professionals revealed that 52% of respondents are “not confident” that that their IT staff could detect the presence of an attacker who was attempting to breach their network or extract private data.

The survey from Lieberman Software polled nearly 200 attendees at the recent Black Hat USA Conference in Las Vegas, and found that more than a third of respondents (36%) did not think their organizations’ existing products and processes could keep up with new and emerging threats in general.

That’s not to say that security staff are unaware of the cyber-espionage issue (and the rising threat tide overall) – most are taking steps to fix it. A majority (63%) of respondents said that they believed that a state-sponsored hacker would attempt to breach their organization in the next six months. In order to try and combat that, 90% had made efforts to protect themselves.

This included 90% of them giving user training to protect against APTs, while the same number had also added new security appliances. About 89% had carried out endpoint testing to protect against APTs. Also, 81% of respondents’ organizations carry out penetration testing.

“The fact that businesses acknowledge what a challenge APTs present to their networks and are willing to do something about it proves that this is no smokescreen,” said Philip Lieberman, president and CEO of Lieberman Software, in a statement. “As our survey found, almost 90% of the senior IT security professionals we spoke to at Black Hat had invested in penetration testing services or education of users, and it is good to see such a high number making preparations for the worst eventuality.”

That worst eventuality is pretty bad, according to the respondents. More than 74% said they are not confident that their network has never been breached by a foreign state-sponsored attack or an APT. Nearly 58% of those surveyed think that the US is losing the battle against state-sponsored attacks. And, an overwhelming 96% of respondents think the hacking landscape is only going to get worse.

“The hacking landscape will be getting much worse over time,” said Amar Singh, ISACA Security Advisory Group Chair, in the report. “The icing on the cake, from the malicious hackers’ perspective, will be when the world fully embraces IPV6, the next-generation internet protocol that will allow every single human being on this planet to own at least 2000 fixed and permanent cyberspace addressees. Think about the attack surface when your TV, your watch, your wristband, your car's engine, your car's brake systems have a unique cyber space address and these devices will be always connected to cyberspace!”

Overall, the survey turns up the fact that the threat of state-sponsored attacks and APTs is considered an extremely serious issue for IT security personnel. Most said that the probing of IT infrastructures in both corporate and government environments is likely occurring constantly, and attacks are being launched frequently.

“Since I would assume that state-sponsored attacks are a covert operation, it sort of begs the question whether anyone can know the full extent,” noted Martyn Croft, CIO of The Salvation Army UK, in the report. “I guess a certain amount of inference from the known attacks, e.g. Stuxnet, would lead one to believe that it's become a commonplace occurrence.”

While the findings from this survey indicate that these types of attacks are very difficult to identify, let alone stop, Lieberman added that the 10% of respondents that are content to rely on existing defenses should be considered a shocking number.

“What was also striking was that more than a third felt that their current IT infrastructure was insufficient in the face of a heavy-set attack, yet not all of the respondents were prepared to do something about it,” he said. “I wonder if they feel that sitting tight and hoping for the best is efficient and sufficient protection.”

What’s hot on Infosecurity Magazine?