Distributed denial of service (DDoS) attacks have got a lot of attention in the last several days given the one Dyn sustained against its Managed DNS infrastructure on Oct. 21 that caused widespread website outages across the internet for hours. DDoS is of course a known threat, and the majority of attacks that have occurred recently actually are known, a new report from AT&T underlines.
“The daunting depiction of newly discovered security threats often gets attention from media and business leaders alike. But in fact, most attackers are targeting businesses using forms of attacks we already know about and can help defend against,” Mo Katibeh, SVP of advanced solutions at AT&T explains. “In today’s digital age, businesses need to remain vigilant about deploying and updating core security protections, and in educating employees on how their actions might impact the company’s security.”
AT&T’s “The CEO’s Guide to Navigating the Threat Landscape” states that more than 90 percent of cyberattacks seen in the past year fell in the known category rather than something unknown and unstoppable. And having the right security measures may have helped prevent some attacks, the report stresses, since most cyberattacks impacting today’s businesses are said to be common threats.
The research also says that 90 percent of companies experienced a malware attack where infected software infiltrated their network in the past year. Ransomware and information-stealing software attacks reportedly increased sevenfold between July and August 2016. And in the past year, 73 percent of companies felt the pain of at least one DDoS attack, the report says.
Cracks in security protections obviously leave companies vulnerable, but other issues as simple as an employee clicking a bad link also can result in a breach. AT&T’s report notes that more than 7,000 businesses in the U.S. suffered total combined losses of around $740 million after employees fell victim to email-based phishing scams from 2013-2015.
Among the recommendations made by “The CEO’s Guide to Navigating the Threat Landscape” are that companies should ensure they’re updating defenses to protect against the threats already known as well as implementing new technologies with security in mind. The report is available here.