sb-nz logo
Story image

APAC takes 520 days too long to respond to threats, says FireEye

30 Aug 2016

New research has found that it is taking the entire Asia Pacific region much longer than the rest of the world to detect cyber threats: a median 520 days compared to a global median of just 146.

FireEye released its Mandiant M-Trends Asia Pacific report, which examines cyber threat data gained from Mandiant investigations last year.

“The median time between compromise and detection in the Asia Pacific region is more than 17 months, which is plenty of time for any attacker to push through with their objectives,” says Tim Wellsmore, director of threat intelligence and consulting at FireEye A/NZ.

What's more, some hacking tools have exclusively targeted organisations in the Asia Pacific region. Furthermore, a large 45% of security incidents come from internal sources.

“To put this into perspective, one of our ‘red teams’ can capture domain administrator credentials in an average of three days after gaining access to an environment. Once these credentials are obtained, it is just a matter of time until an attacker can find and steal just about any information they want," Wellsmore continues.

From the data, FireEye discovered that an average of 3.7GB of data was stolen in every organisation - and Wellsmore believes that even a few compromised machines are unacceptable.

“We consider this approach to be inadequate for enterprise-scale incidents. It is just too difficult to identify all of the compromised machines - efforts to address the threat are easily circumvented as attackers are tipped off and stay in the environment or quickly regain access," he says.

The research also found that most Asia-Pacific breaches are never disclosed as there are few effective laws in place for this.

“Unfortunately being unprepared for a breach is business as usual in Asia Pacific, and the region’s governments and boards need to address this further,” said Rob van der Ende, vice president for Mandiant Consulting, Asia Pacific and Japan at FireEye.

With Asia Pacific organisations simply unprepared with little to no basic response processes from attacks, the culture towards cybersecurity needs to change, FireEye says.

The research showed that while forensic investigations were somewhat common, they never solved the problem or eliminated the hackers. Instead, some organisations only made things worse by destroying evidence.

“To significantly improve, organisations must bring together the technology, threat intelligence and expertise necessary to quickly detect and respond to cyber attacks. Firms can benefit by embracing modern response techniques rather than legacy approaches, which often fail to find the attacker’s needle in the haystack," van Der Ende concludes.

Story image
Zoom to begin rolling out end-to-end encryption
Available starting from next week, it represents the first phase out of four of the company’s greater E2EE offering, which was announced in May following backlash that the company was lax on its security and privacy.More
Story image
Research: Younger cybersecurity pros more fearful of being replaced by AI
According to the findings, 53% of respondents under 45 years old either agreed or strongly agreed that AI and ML are a threat to their job security, despite 89% of this demographic believing that it would improve their jobs.More
Story image
Cybersecurity market continues meteoric ascent
With the increase in cyberattacks, organisations are continuing to spend more money on security. However, without a focused cybersecurity strategy, they often spend it in the wrong areas.More
Link image
How to head off a rise in DDoS attacks
Many businesses invest in costly DDoS mitigation and protection solutions, but few test them. NCC Group tests all environments and is one of only two AWS DDoS Test Partners. Claim 10% off your next DDoS service today.More
Story image
NZX, Metservice attacks show Kiwi companies must rethink cyber security
The attacks are a wake-up call for New Zealand businesses to step up their threat protection and contingency planning systems.More
Story image
Why IT and HR must work together to help businesses weather the storm
Employers are striving to balance team productivity, security and employee engagement. If remote work is the new norm, it’s impossible to ignore the challenging nature of the situation, writes Gigamon manager for A/NZ George Tsoukas.More