View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
December 12, 2013

91% of organisations have suffered a cyber-attack at least once in last 12 months

Kaspsersky reveals that 9% were the victims of targeted attacks.

By Cbr Rolling Blog

Kaspersky Lab’s latest threat report for 2013 has revealed that the potential for cyber attacks is so great that malicious programs may soon completely replace company insiders as the way of gathering information.

"2013 saw some major disclosures about spyware-led attacks that were related, directly or indirectly, to the activities of various governments’ agencies. Other significant actors on the corporate cyber threat scene were businesses that turned to cybercriminals to penetrate their competitors’ networks," said the report.

The report went on to reveal that outsourced cyber-criminal forces performed operations that were usually aimed at stealing information. Other attacks were based on sabotage – using malicious programs to wipe data or block infrastructure operations. Some special Trojan programs were capable of stealing money via online banking systems. Cyber-criminals could also compromise corporate sites and redirect visitors to malicious resources, damaging a company’s reputation. Financial losses were caused by a DDoS attack, which can close down a company’s public-facing website for several days. Clients start looking for a more reliable company, which results in long-term financial losses.

Vitaly Kamluk, Principal Security Researcher of Kaspersky Lab’s Global Research and Analysis Team, said, "Mass distribution of malicious programs can affect any company, even a small commercial organisation, resulting in the loss of money and intellectual property. Cybercriminals are continuously improving their malware, using unconventional approaches and solutions, from so-called encryptors and shredders that spread like the plague in a corporate environment, to an army of zombies that devours every available resource on web servers and data transfer networks.

"In 2013 we also fixed the first case of targeting supply chains – not being able to reach big organisations, cybercriminals get their ‘weak point’, compromising contractors, as in the Icefog attacks."

Over the past few years, Kaspersky Lab’s experts have observed big and noisy APT gangs all over the world targeting large numbers of organisations from almost all sectors. They stayed in compromised networks for weeks and even months at a time, stealing every shred of information they could get. However, that approach stands less and less chance of going unnoticed for long, damaging their prospects of success.

That’s why a new emerging trend is witnessed: small hit-and-run gangs that attack with surgical precision. They appear to have good knowledge of what they need from the victims. Basically, this kind of attacker comes along, steals what they want and leave. Kaspersky Lab’s experts have named them "cyber mercenaries" – an organised group of people conducting cyber espionage/cyber sabotage activities on demand, following the orders of anyone who pays them.

Content from our partners
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester
Infosecurity Europe 2024: Rethink the power of infosecurity

Icefog, which was discovered this autumn, appears to be an example of this – an APT campaign in search of specifically required data. Manual analysis of the data stored in corporate networks was used with the help of remote-access technologies integrated into malware on infected workstations. Subsequently the cyber criminals selected and copied the documents that they wanted.

Kaspersky Lab’s analysts expect this trend to grow in future, and more small groups of cyber mercenaries will be available for hire to perform surgical hit-and-run operations.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.