Check Point survey reveals more than half of targeted attacks reported were driven by financial fraud

Check Point Software Technologies. (Nasdaq: CHKP), the worldwide leader in securing the Internet, today announced the results of a new survey, revealing 65% of organisations that experienced targeted attacks report the hacker’s motivation was driven by financial fraud, and resulted in business disruption and the loss of sensitive information, including intellectual property and trade secrets.

The report: ‘The Impact of Cybercrime on Businesses’, also showed companies reporting an average of 66 new security attack attempts per week, with successful incidents costing businesses anywhere from $100 000 to $300 000. Among the list of top threats, denial of service (DOS) attacks were said to pose the greatest risk to organisations.

Cyber criminals today are increasingly leveraging malware, bots and other forms of sophisticated threats to attack organisations for various reasons – from financial gain and disruption of business operations to data theft or attacks driven by political agendas. Regardless of motivation, new variants of malware are being generated on a daily basis, often targeting multiple sites and organisations to increase the likelihood of an attack’s initial success and the potential for threats to spread quietly throughout an organisation.

“Cyber criminals are no longer isolated amateurs. They belong to well-structured organisations, often employing highly-skilled hackers to execute targeted attacks, many of whom receive significant amounts of money depending on the region and nature of the attack,” said Tomer Teller, security evangelist and researcher at Check Point Software Technologies. “Cyber crime has become a business. With bot toolkits for hackers selling today for the mere price of $500, it gives people insight into how big the problem has become, and the importance of implementing pre-emptive protections to safeguard critical assets.”

According to the survey, SQL injections were cited as the most serious types of attacks organisations had experienced in the last two years, and more than one-third of respondents had each experienced APTs, botnet infections and DOS attacks. Following investigations of targeted threats, respondents reported the biggest consequences were a disruption to their business and the loss of sensitive data and intellectual property.

“For the most part, the goal of attackers is to obtain valuable information. These days, credit card data shares space on the shelves of virtual hacking stores with items such as employee records and Facebook or e-mail log-ins, as well as zero-day exploits that can be stolen and sold on the black market, ranging anywhere from $10 000 to $500 000,” added Teller. “Unfortunately, the rate of cyber crime seems to be climbing as businesses experience a surge in Web 2.0 use and mobile computing in corporate environments – giving hackers more channels of communication and vulnerable entry points into the network.”

“Companies are constantly facing new and costly security risks from both internal and external sources that can jeopardise the business,” said Dr Larry Ponemon, chairman and founder, Ponemon Institute. “While the types of threats and level of concern companies have may vary across regions, the good news is that security awareness is rising. Across the board, C-level executives reported high levels of concern about targeted attacks and planned to implement security precautions, technology and training to mitigate the risk of targeted attacks.”

Key findings from the report:

* Primary motivations of targeted threats – Following investigations of cyber attacks within organisations surveyed, the majority of respondents reported financial fraud (65%) as the cyber criminal’s primary motivation, followed by intent to disrupt business operations (45%) and stealing customer data (45%). Approximately 5% of security attacks were estimated to have been driven by political or ideological agendas.

* Cyber crime comes in all shapes and forms – On average, respondents reported SQL injections as the most serious security attacks experienced in the last two years, and more than one-third of respondents said they experienced APTs (35%), botnet infections (33%) and DOS attacks (32%).

* Targeted attacks continue to be costly – Survey participants estimated a single, successful targeted attack costing an average of $214 000 USD. In Germany, respondents reported a higher average estimate of $300 000 per incident, and Brazil with a lower average of $100 000 per incident. Estimates include variables such as forensic investigation, investments in technology and brand recovery costs.

* Most common threat vectors – When asked to rank employee activities that pose the greatest risk, all regions unanimously cited the use of mobile devices – including smartphones and tablet PCs – as the biggest concern, followed by social networks and removable media devices such as USB sticks.

* Current technology investments – While the majority of companies have important security building blocks in place, such as firewall and intrusion prevention solutions, less than half of companies surveyed have advanced protections to fight botnets and APTs. However, the majority of organisations in Germany and the US are beginning to deploy solutions more specific to addressing cyber risk such as anti-bot, application control and threat intelligence systems.

* Security training and awareness – Only 64% of companies say they have current training and awareness programmes in place to prevent targeted attacks.

Cyber criminals are focused on valuable data that is worth the time and risk; therefore, it has become imperative for enterprises to focus their security efforts there as well. Businesses should start by identifying critical data and assets and enforce multi-layered threat prevention. While thousands of companies have already been targets of bots and advanced threats, businesses have the responsibility to stop it from spreading.