Sunday, January 17, 08:05
Home security Most online attacks start from endpoints

Most online attacks start from endpoints


IT managers are more likely to detect cybercriminals on their servers and networks than anywhere else, according to research 7 Uncomfortable Truths of Endpoint Security of Sophos.

Discovering internet attacks

In fact, IT managers have discovered 37% of the most significant online attacks on their organization's servers and 37% on their networks.

Only 17% was discovered in endpoints and 10% was found on mobile devices. More than 3.100 IT managers from medium-sized businesses in 12 countries like USA, Canada, Mexico, Colombia, Brazil, the United Kingdom, France, Germany, Australia, Japan, India and South Africa.

"Servers store financial, labor and other sensitive data and with stricter laws such as GDPR, which require organizations to report any data breaches, servers' security packages are at a high level. "It makes sense for IT managers to focus on protecting critical business servers to prevent attackers from entering the network, which in turn leads to more hacker detection in these two areas," said Chester Wisniewski, chief researcher. Sophos. "However, IT managers can not ignore endpoints because most cyber attacks start from there, but a higher-than-expected number of IT managers still can not determine how threats enter the system."

Exposing the starting points of an attack

Twenty percent of IT managers who have been the victims of one or more cyber attacks last year can not detect how attackers gained access, and 17 percent do not know how long the threat was in their environment before they find it, according to the survey.

In order to improve this delay, IT managers need endpoint detection and response technology (EDR), which outlines the threat starting points and digital fingerprints of attackers running through a network.

"If IT managers do not know the origin or movement of an attack, then they cannot minimize the risk and break the chain of attack to prevent further penetration," Wisniewski said. “EDR helps IT managers identify risks and implement a process to secure the network. "If technology is more focused on detection, EDR can find, block and recover the threat faster."

Deep Defense

On average, organizations that are investigating one or more potential security incidents each month spend about 48 days a year (four days a month) to investigate them, according to the survey. Not surprisingly, IT managers rank 27%, Notification Management (18%), and 13% as the three key features needed by EDR solutions.

Most online attacks can stop within seconds in the endpoints without sending a notification. Stubborn attackers, including those running targeted ransomware such as SamSam, take the time they need to break a system by finding badly selected passwords on remote systems (RDP, VNC, VPN, etc.).

Fifty-seven percent of respondents said they are planning to implement an EDR solution within the next 12 months. The existence of EDR also contributes to addressing a skills gap. 80% of IT managers want to have a stronger team, according to the survey.


Please enter your comment!
Please enter your name here

Absent Mia
Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement


iPhone / iPad: How to close all Safari tabs at once

If you have dozens of Safari tabs open on your iPhone or iPad and want to close them quickly, it might be ...

Emotet has "evolved" and is at the top of the malware charts!

The infamous Emotet trojan returns to the top of the malware charts, having been "refreshed" and evolved to be more difficult to detect. The world ...

Signal: How to protect your messages with passcode?

In recent days the Signal messaging application has become quite popular. The Signal ...

The 5 best secure alternatives for WhatsApp

WhatsApp is one of the most popular messaging platforms, but it is definitely not accepted by everyone. Especially after his last ...

Android: How to see which apps have access to your site

It's no secret that smartphone apps have access to many permissions - if you let them. It is important to make sure ...

Canon lets you take pictures from space

Instead of releasing new cameras for CES 2021, Canon is doing something different: It lets you take pictures from space ....

Wikipedia vs Big tech: Who fights misinformation?

As Election Day turned into US Election Week, Facebook, Twitter and YouTube were trying to prevent ...

Tesla: It is called to recall cars due to problematic screens

The touch screen in some Tesla cars seems to have a problem, which could ...

Ransomware is responsible for half of all data breaches in hospitals

Almost half of the data breaches committed in hospitals and the wider healthcare sector are due to ransomware attacks, ...

Astronomers have just found the oldest oversized black hole

A quasar was discovered in a dark corner of space - over 13,03 billion light-years away - and contains a ...