Hackers adopt ‘school of fish’ approach as they sharpen focus on mid-sized businesses
January 2018 by eSentire
Rudimentary attacks, like information gathering, reputation blocks, fraud, and brute force attacks, increased by 71% from 2016-2017, according to new data released by eSentire, Inc., the largest pure-play Managed Detection and Response (MDR) provider. The data represents a total volume rise in detected events from 15 million in 2016, to 21 million last year.
© Sebastian Kaulitzki
Reports demonstrate a marked technique shift by attackers who favor obfuscation techniques that evade standard perimeter controls. The data, collected from eSentire’s best-in-class threat monitoring technologies, spans thousands of private and public cloud sources across the company’s 600+ client base, and includes primarily mid-sized businesses in the finance, legal, healthcare, technology, and insurance industries.
“It’s not that businesses don’t need prevention technologies, rather, you need to be able to detect when those technologies are being bypassed and intervene immediately,” said J.Paul Haynes, eSentire CEO.
In its 2017 Market Guide for Managed Detection and Response Services, Gartner states that: “Organizations are looking to improve real-time threat detection and incident response capabilities; however, they often struggle to invest limited resources in the required people, processes and technology. Managed detection and response improves threat detection monitoring and incident response capabilities via a turnkey approach to detecting threats that have bypassed other controls.”
“Last year’s monster breaches, like WannaCry, affected countless mid-sized businesses, and since those attacks, we’ve seen a steady rise in organizations proactively seeking measures to safe-guard against similar attacks,” said Haynes. “Mid-sized enterprises have similar cyber risk profiles to large enterprises, yet a fraction of the budget to invest in detection and responses capabilities.”
MDR is the fastest growing segment in cybersecurity as firms of all sizes struggle to acquire and retain the threat hunting skills, advanced cyber technologies, and threat intelligence processes to continuously anticipate the next move the ‘school of fish’ is making.
“This new data supports an existential problem when it comes to defending against threats,” said Haynes. “Early breach indicators are measured in minutes and hours, and countermeasures need to be deployed in near real-time. In our world, it is not the 200+ days to detect which you read in the headlines, it’s now!”
As the largest pure-play MDR provider, eSentire saw significant market expansion in 2017, with in excess of 60% year-over-year revenue growth. Today, the company maintains a 97% customer retention rate.
“At the end of the day, while the volume of attacks continues to rise, combining endpoint, network, and threat intelligence data equips eSentire’s threat hunters with the richest possible data allowing faster decision making, investigations, and the ability to disrupt attacks,” said Haynes. “Ultimately, businesses need to avoid greater financial losses and need more than traditional prevention technologies to achieve that.”