Survey: Endpoints Still Vulnerable to Breaches Despite Advancements in Antivirus Technologies
April 2018 by Minerva Labs
Minerva Labs announced the results of a survey of 600 IT security professionals, which found that endpoint security solutions are failing to provide adequate protection against today’s security threats, specifically malware. A majority of the respondents surveyed indicated heightened concern about a major malware breach in the coming year and acknowledged that they require more than an antivirus (AV) solution on the endpoint to combat the rising threat.
After a year of massive ransomware outbreaks, NSA state-grade exploit leaks, and an extraordinary number of cybersecurity meltdowns, defenders are not getting ahead despite the continued innovation in endpoint security technologies. The uptick in attacks demonstrates that attackers are not standing still, and evasion methods are becoming increasingly accessible. In fact, nearly half of the respondents surveyed (48%) said that they have seen about the same number of malware infections as in previous years, while almost one-third (32%) claim to have seen an increase in malware infections. This further corresponds with the extent to which respondents feel their current endpoint defenses are protecting them against modern malware threats: three-quarters of respondents deemed their existing anti-malware solutions to be able to prevent no more than 70% of infections.
These findings demonstrate that today’s endpoint solutions cannot address sophisticated malware, specifically those threats that use evasion techniques. According to the Minerva Labs survey, the malware evasion techniques that posed the biggest concern are avoidance of malware analysis and forensic tools (32%) followed by fileless or memory injection attacks (24%). Attacks that use malicious documents also raised concerns (24%). Two-thirds of respondents (67%) were concerned that existing controls won’t prevent a significant malware attack on the endpoints. Furthermore, the survey found that over half of the respondents (53%) preferred adding a meaningful layer to their endpoint security stack instead of completely replacing their existing AV.
Nearly 39% of IT leaders said that, besides security benefits, the operational aspect they find most important when adding a security layer on the endpoint is the ability for it to work even on low-resource systems. 28% said that easy deployment and upgrades across multiple endpoints were important, while 18% valued the ability to not interfere with current business applications. With the increase in ransomware and other malware threats, the time it takes to remediate these attacks is crucial to enterprises today. The good news is that 41% of respondents said that when faced with a compromised endpoint, the endpoint is restored to a normal state within hours. However, there is still room for major improvement, as more than 40% said it takes days or weeks to return to a normal state.
“The results from our survey indicate that while malware threats are still growing, endpoints remain highly vulnerable to a cyber-attack,” said Eddy Bobritsky, Co-Founder & CEO of Minerva Labs. “We continue to see more complex and sophisticated threats, where traditional blocking and prevention mechanisms, such as antivirus, are no longer enough to keep endpoints safe. Beyond merely relying on baseline anti-malware solutions to protect endpoints, companies should strengthen their endpoint security architecture to get ahead of adversaries, such as blocking off attempts to get around existing security tools.”
The survey was conducted between February 8 and February 28, 2018 and reflects responses from more than 600 IT security decision makers including CISOs, senior management, and network and systems engineers.