Cybercriminals are evolving their attack methods and often use multiple payloads to maximise profits. According to a recent survey by IT security firm Sophos, phishing emails impacted one in two Indian organisations that were hit by a cyberattack. The global survey, The Impossible Puzzle of Cybersecurity, reveals IT managers are inundated with cyberattacks from different directions and are struggling to keep up due to a lack of security expertise, budget and up to date technology.
The survey polled 3,100 IT decision makers from mid-sized businesses in the US, Canada, Mexico, Colombia, Brazil, UK, France, Germany, Australia, Japan, India, and South Africa. The survey revealed that attack techniques were varied and often multi-staged, increasing the difficulty to defend networks. One in six IT managers surveyed didn’t know how they were breached, and the diversity of attack methods means no one defensive strategy is a silver bullet.
“Software exploits were the initial point of entry in 41% of incidents, but they were also used in some fashion in 35% of all attacks, demonstrating how exploits are used at multiple stages of the attack chain,” said Sunil Sharma, managing director – sales, Sophos India & Saarc.
“Organisations that are only patching externally facing high-risk servers are left vulnerable internally and cybercriminals are taking advantage of this and other security lapses.”
