Here’s why your security team needs to be vigilant about defending what’s behind your firewall and proactively seek and stamp out the threats that lie beyond it.
The risks to any company’s data grow exponentially as their online presence expands. Each touchpoint you establish with your clients and business partners creates more opportunities for breaches. We did some analysis to understand what can happen in a single evil Internet minute. What was found was fairly grim, as you’ll read momentarily.
The upshot is that by understanding exactly what you’re up against, you can better allocate resources to your threat hunting strategies. Here are some of the key findings from our evil minute analyses:
Magecart Claims a Victim Every .07 Seconds
Magecart is a notorious hacker group that deploys credit card-skimming tactics in its hacks. It was found that Magecart hit e-commerce sites every 0.7 secondsOpens a new window . Among its most visible victims was Ticketmaster, though the group breached more than 800 sites in total.
Threat actors are becoming more efficient and sophisticated, which should trouble business owners and security teams. Rather than pursuing a single e-commerce target, for instance, they’ll go after a third-party supplier site where they can do more damage with a single blow.
The cost of these attacks is enormous — on average, large businesses lose $222 a minute, or $11.7 million a year, to cyber attacks.
Every Minute Represents Thousands of Leaked Records
More than 5,500 records from publicly-disclosed incidents leak each minute, according to research. That means your company must be able to capture data on threat actors so you can use their previous behavioral patterns to prevent them from striking again.
You can gather this data with the help of web crawlers that can identify the relationships between pages while collecting information through passive DNS and SSL certificate databases. These are the types of indicators one should use to identify and mitigate threats because it’s such rich data that allows us to see attacks forming before they happen.
$171,233 Can be Lost in 60 Seconds
Companies currently invest $171,233 per minute in defending their attack surfaces. The scope of threat activity is so vast that despite those investments, 1,861 people become cybercrime victims each minute.
There is simply no way for security teams to manually combat the problem. You need a reliable, dynamic platform that constantly and automatically gathers data that you can use to assess and respond to threats.
Making Every Minute Count
To understand the mind of a threat actor or organization, you need to remember that they are essentially running a business, too, only they trade in cyber attacks and theft. So, your best strategy is to make their business unprofitable.
Uncovering and burning threat infrastructure, including IP addresses and web domains, delivers a serious blow to threat actors. Every time this happens, they need to create a new infrastructure, and they have to decide whether it’s worth investing more resources in a second attempt.
But staying ahead of malicious actors requires ongoing investment. Security isn’t one-and-done; the demands and threats are constantly changing. The only way to win this never-ending war is to constantly be ahead of the battle — and every minute counts.