Bit9 - Organizations Lack Visibility on Malware Attacks

The survey conducted by Cyber-security software maker Bit9 as 2013 Cyber Security Survey reveals that many organizations affected by malware in last year had no clue how malware had circumvented their security or suspected that their expensive antivirus defenses had failed to spot the malware.

Not surprisingly, 7 out of 10 of 250 US and UK IT (Information Technology) managers who identified PC (that is, not smartphones or tablets) as the soft underbelly. It is acknowledged for some time that security staff understands that cybercriminals see Windows as the easiest door to enter any organization.

More alarming was that out of 47% of victims, who had experienced no less than one (or
1) cyberattack, a surprising number seemed to be unware of how malware have been employed in their computer. 40% believed that it had evaded AV (antivirus), 27% believed that it circumvented security of their network, 25% believed that it had come through a USB (Universal serial bus) device, 17% believed that it had come from a mobile gadget and 31% admitted that they had no clue.

The most amazing statistic is that 13% of respondents said that they did not know whether they had experienced any attack in last year.

Cnmeonline.com published a statement on 28th August, 2013 quoting Nick levay, CSO (Chief Security Officer) of Bit9 as saying: "That's shocking. I was expecting single-digit or low single-digit number in that category. According to my experience, everybody has experienced a steady stream of attacks."

Many pundits operating in the security arena corroborated this trend and explained that enterprises are not competent to keep up with sophisticated attacks owing to pitiable visibility across remote systems.

Darkreading.com published news on 28th August, 2013 quoting Vann Abernethy, Senior Product Manager at NSFOCUS as saying that many organizations have tainted machines and don't even know it while emphasizing the advanced character of certain malicious software. Some sophisticated malware variants can progress laterally in an enterprise to evade detection and then become inactive for long time and then correspond back to its command and control using encryption or turn off common AV solution."

» SPAMfighter News - 9/7/2013