The gap between attack sophistication and available threat intelligence meant 31% of respondents said their organisation had suffered up to 20 successful attacks in the past 12 months - while 34% were unable to say exactly how many they had fallen victim to.
According to the survey of 140 UK IT and infosecurity professionals, the growing number of successful malware attacks is having a damaging impact upon business, in terms of both time spent and costs incurred when restoring and fixing systems after an attack. 28% of respondents stated that, on average, it took up to 10 days of IT staff time to remediate issues caused by a single attack. 33% said a malware attack cost on average between £10,000 and £50,000 to remediate.
These most recent findings further emphasise the growing challenge businesses face in tackling attacks from new, unknown malware, which were highlighted in Check Point’s 2014 Security Report published in May this year. The report, based on analysis of monitored security events from over 10,000 organisations worldwide across a range of industry sectors, found that 33% of organisations had downloaded infected files with unknown malware between June and December 2013.
Keith Bird, UK managing director for Check Point said: “It is becoming evident that there’s a widening gap between the developing sophistication of malware, and intelligence available on new threats to help block attacks. To cut the risks of exposure to external attacks, and to stop threats spreading, companies should enforce multiple threat prevention layers, including threat emulation or ‘sandboxing,’ and also look to use a range of real-time threat intelligence feeds to update their security solutions and help automatically prevent attacks.
“Only by adopting this kind of holistic approach will organisations start to see a decline in successful malware attacks and the resultant costs, in terms of time and money, in remedying the issues that these attacks cause.”
Survey respondents highlighted a number of factors contributing to malware attacks being more successful, including: more zero-day exploits that weren’t detected by anti-virus solutions (15%); a lack of useful intelligence about new threats (14%); and smarter social engineering tactics by malware authors that tricked users (12%).
Check Point recently launched its new Threat Cloud IntelliStore, a unique threat intelligence marketplace that enables organizations to select intelligence feeds that will automatically prevent cyber-attacks. It builds upon Check Point’s core security intelligence infrastructure: ThreatCloud™ - the first collaborative security infrastructure to fight cybercrime. ThreatCloud dynamically delivers real-time threat intelligence derived from Check Point research, global data sensors, industry feeds and specialised intelligence feeds from the ThreatCloud IntelliStore.
The Check Point survey gauged the opinions of 140 IT and infosecurity professionals across a range of UK companies from the public and private sectors.