Detection capabilities improve, but ransomware surges on

2021-04-14 04:30

While last year's report noted a drop in internal detections of intrusions compared to the previous year, experts observed a return of organizations independently detecting most of their own incidents.

Organizations located in the Americas led the internal detection trendline at 61%, followed by EMEA and APAC closely aligned at 53% and 52%, respectively.

In comparison, APAC and EMEA organizations received more notifications of compromise from external entities, versus North America organizations.

"While organizations continue to improve their ability to discover compromises within their environments, containing adversaries today comes with unique challenges. The consequences of a global pandemic forced companies to rethink how they operate and move to a remote workforce. This change resulted in VPN infrastructure, video conferencing, collaboration and knowledge sharing platforms becoming business-critical systems and changing the attack surface of organizations."

"Multifaceted extortion and ransomware are the most prevalent threats to organizations. In this year's report, direct financial gain was the likely motive for at least 36% of the intrusions we investigated."

"Data theft and reselling of unauthorized access to victim organizations remain high as multifaceted extortion and ransomware actors have trended away from purely opportunistic campaigns in favor of targeting organizations that are more likely to pay large extortion demands. Given this surge, organizations must take proactive action to mitigate the potential impact," said Charles Carmakal, Sr VP and CTO, Mandiant.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/s20uNdN_6pw/

#ransomware