A successful targeted attack against a large company can cause damages of up to $2.4 million. This according to B2B International which, along with Kaspersky Lab, conducted the 2013 Global Corporate IT Security Risks survey this spring. Targeted attacks are one of the most dangerous types of cyber threats, as professional cybercriminals are typically involved in their preparation and launch. These criminals have substantial financial resources and extensive expertise in IT. Furthermore, the end goals of these attacks are typically secret or confidential information from a specific company. Leakage of this data could lead to significant losses.
Just how big can these losses be? According to the data collected by B2B International analysts, on average these incidents cost a company up to $2.4 million, of which approximately $2.17 million stems directly from the incident itself in the form of losses from critical data leakages, business interruptions, and expenses for remediation specialist services (lawyers, IT security professionals, etc.). Companies face an approximate additional $224,000 bill for actions taken to prevent such incidents from taking place again in the future — updating software and hardware, and hiring and training staff.
Company losses resulting from targeted attacks on SMEs (Small and Medium Enterprises) are noticeably lower, at approximately $92,000 per incident, but considering the size of these companies (with an average of about 100-200 employees), the blow suffered by the company is still substantial. Of that $92,000, approximately $72,000 goes directly to incident remediation, while another $20,000 goes toward preventing similar incidents in the future.
Other types of costly attack
Although targeted attacks cause the highest financial costs, they are not the only kind of attack – indeed, at present, they are not even the most common threat companies face. About 9% of respondents noted that their companies had been subjected to a targeted attack over the previous 12 months. A far higher percentage of companies (24%) reported that their network infrastructures had been hacked. For large companies, these types of attacks can run up damages of $1.67 million ($73,000 for SMEs), and are considered the second most costly type of attack. Intentional leaks of corporate data were suffered by 19% of companies, and the resulting financial losses came to an average of $984,000 ($51,000 for SMEs). Attacks exploiting common software vulnerabilities affected 39% of companies. Large corporations incurred an average of $661,000 in damages from these types of attacks, while SMEs incurred roughly $61,000 in damages.
The proper preventative measures
Targeted attacks are complex and typically involve a long period of preparation during which malicious users try to find the weak points in a corporation’s IT infrastructure and locate the tools necessary to launch the attack. Fighting this type of threat with antivirus alone is not possible, although effective antivirus solutions are available to handle other kinds of threats. A corporate solution using modern, proactive threat detection technologies can help protect a company against both targeted attacks and other dangerous IT threats.
Kaspersky Endpoint Security for Business is one of the best corporate solutions available today. Among other components, it includes Automatic Exploit Prevention — a technology that helps identify targeted attacks involving zero-day exploits which target vulnerabilities in software running on company computers. What’s more, the Whitelisting module, which works in partnership with other proactive security technologies and updates automatically, can prove to be especially effective in counteracting targeted attacks if a dangerous vulnerability is detected in any of the legitimate programs in the Whitelisting database. Dynamic Whitelisting technology, which is built into Kaspersky Endpoint Security for Business, has been very well received by independent experts. Unlike many other corporate solutions, which typically only include blacklist and whitelist databases, Kaspersky Lab’s Whitelisting technology works continuously with the other components included in Kaspersky Endpoint Security for Business, which among other things leads to a very high level of protection both for the Whitelisting database itself, and corporate computers and workstations.
