TMCnet News
Blumira Releases 2022 State of Detection and Response Report, Revealing Identity-Based Attacks as Top Threat in 2022

Report aggregated data from hundreds of organizations to identify key threats affecting organizations today

ANN ARBOR, Mich., May 25, 2022 /PRNewswire/ -- Blumira, a leading cybersecurity provider of automated threat detection and response technology, today released the 2022 State of Detection and Response Report, a new research report that analyzed Blumira's security detections across log datasets of 230 organizations. The report revealed identity-based attacks and living off the land behaviors as top threats organizations faced in 2021.

Blumira released this report against the backdrop of an increasingly challenging threat landscape, with ransomware, software supply chain attacks, data breaches, and more becoming an almost daily occurrence. Attacker dwell time is also decreasing; ransomware attacks move quickly from initial compromise to infection and deployment.

According to IBM's 2021 Cost of a Data Breach Report, the average time to detect and respond to a breach is 287 days. Breach lifecycles that take longer than 200 days result in major impact and 35% higher breach costs for organizations, pointing to the need for solutions that provide faster time to detect and respond, including initial deployment.

"Organizations, especially small and medium-sized businesses, need help with faster detection and response to keep up with latest threats and protect against breaches," said Jim Simpson, CEO of Blumira. "Expediting time to security for faster response is key to better overall security outcomes."

An analysis found that Blumira's average time to detect a threat was 32 minutes, while the average time to respond, or how quickly an organization closed out a finding, was six hours. Compared to the industry average, Blumira's time to detect and to respond is 99% faster.
Research Key Findings

Identity-based attacks surged - Access attempts were a common theme, as the pandemic forced many organizations to move to cloud services to support their remote employees. For organizations without a solid understanding of their exposed attack surface, moving to a cloud environment only highlighted that knowledge gap. Threat actors take advantage of those knowledge gaps by exploiting, misusing or stealing user identities. Attempts to authenticate into a honeypot, or a fake login page designed especially to lure attackers, were Blumira's #1 finding of 2021. Identity-driven techniques accounted for three out of Blumira's top five findings at 60%. Cloud environments are particularly vulnerable to identity-based attacks such as credential stuffing, phishing, password spraying and more. Rapid detection of these attacks can enable organizations to respond and contain an identity-based attack faster, helping stop an attack from progressing further.

Living off the land techniques are a common threat - The research also observed the use of living off the land (LotL) techniques, in which threat actors leverage built-in tools that make it appear as though they are legitimate users within an organization's environment. Among Blumira's top findings were various instances of living off the land techniques, including:

Taking place over days or weeks, these types of attacks can go undetected by endpoint detection and response (EDR) solutions that rely on the detection of known malicious tools. By that time, it may be too late—for example, when an attacker introduces malware into the environment.

Microsoft 365 Activity - Microsoft 365 is one of the most popular cloud productivity suites, and Blumira's findings revealed patterns of Microsoft-related activity, including activity associated with password spraying, lateral movement and business email compromise.

SIEM Adoption in 2022

To download the full report, click here.
Visit Blumira at RSA

For more information about Blumira, please visit https://www.blumira.com.

About Blumira

Media Contact:

View original content to download multimedia: https://www.prnewswire.com/news-releases/blumira-releases-2022-state-of-detection-and-response-report-revealing-identity-based-attacks-as-top-threat-in-2022-301554373.html

SOURCE Blumira