Canadian organizations are paying more attention than ever to cybersecurity, and if a recent survey is representative they may have something to show for it.
The average number of breaches suffered by the 251 CISOs/CIOs surveyed in March dropped to 1.10 from 2.45 in the survey done in October 2019, and 3.42 in the survey done in February 2019. The latest survey was sponsored by VMware Carbon Black.
However, all of the respondents in the most recent survey said they had suffered at least one breach of security controls in the previous 12 months. That’s the highest number in the three-year history of the survey — and a leap from the 88 per cent who said they had been breached in the previous survey done in October 2019.
The data was released Tuesday as part of VMware Carbon Black’s global survey of just over 3,000 CISOs and CIOs in 14 countries.
“A staggering 99 per cent of Canadian organizations have seen an increase in the number of cyberattacks on their company in the last twelve months,” the report said. “This is a considerable increase from 82 per cent in October 2019 and 76 per cent in February 2019 and the highest attack frequency we have ever witnessed.”
Just over 31 per cent of Canadian respondents reported an average increase in attack volumes of between 51 and 100 per cent.
This is up from the last report where only 11 per cent reported increases of this magnitude. Thirteen per cent of respondents said there had been an increase in attack volumes of between 101 and 300 per cent.
Custom malware was the most frequent type of threat seen by the Canadian respondents (23 per cent), followed by process hollowing (19 per cent), SSH attacks (13 per cent), commodity malware at 12 per cent and ransomware (three per cent).
Web applications were the top cause of attacks cited by Canadians (21 per cent), followed by OS vulnerability (15 per cent) and third party application (13 per cent). Web application attacks were higher than average (26 per cent) in manufacturing and engineering. OS vulnerability attacks were very high in financial services (47.5 per cent).
Interestingly, despite only featuring in 2 per cent of the attacks experienced, island-hopping (attacking victims through partners or clients) was the cause of 10 per cent of breaches. The report says this indicates the vulnerability of extended enterprises to attacks originating in vendor organizations. Separate VMware Carbon Black research among incident response professionals found that island hopping was a feature in 41 per cent of the breach attempts they encountered.
“The leap in attack frequency revealed in this iteration of the report shows that however fast Canadian businesses may be adapting to the intensifying environment, the cyber threat landscape is evolving faster,” observed Rick McElroy, a VMware Carbon Black cybersecurity strategist.
Eighty-six per cent of respondents said attacks on their organizations have become more sophisticated, he noted, while 17.5 per cent said attacks have become “significantly” more advanced. His firm concludes adversaries are adopting more advanced tactics as the commoditization of malware is making more sophisticated attack techniques available to more cybercriminals.
Cyber attacks increasing during COVID
The global survey was conducted in March, too early to question CISOs and CIOs about the impact on their organizations of COVID-19. Therefore a follow-up survey of 1,002 respondents from the U.K., the U.S., Italy and Singapore was run.
Just over 91 per cent of those respondents said they had seen an increase in overall cyberattacks as a result of employees working from home. Just under a quarter (24 per cent) said that attack volumes had gone up by between 25 and 49 per cent.
Nearly half of respondents said there were very significant gaps around communication with their external parties as the pandemic spread, including with customers, prospects and partners. Overall, 84 per cent reported gaps ranging from severe to slight in communication with external parties.
Over a third (35 per cent) reported very significant gaps in disaster recovery planning in IT operations including hardware and software rollouts. Overall, 87 per cent reported gaps, be that severe or slight, in IT operations.
Just under a third (32 per cent) of global respondents found very significant gaps in their visibility into cybersecurity threats with an additional 38 per cent stating that there were slight gaps.
“The global situation with COVID-19 has put the spotlight on business resilience and disaster recovery planning,” said McElroy.
Those organizations that have delayed implementing multi-factor authentication appear to be facing challenges, as 29 per cent of global respondents say the inability to implement MFA is the biggest threat to business resilience they are facing right now.