Hackers stay longer in compromised EMEA networks – Mandiant
Traditional methods including spear phishing and social engineering still account for more than a third of hacker attacks.
A new study by Mandiant reports that many hacked European organisations are re–compromised within months of an initial attack, in a similar way to how burglars revisit homes and offices they’ve already successfully robbed. Outdated “forensic” or “follow the breadcrumbs” approaches – used by some in the US a decade ago – means many European organisation are missing threats on their networks.
Breach notifications from external agencies are very low, indicating that businesses cannot rely on local governments to detect and alert them about a breach.
Fewer than one in eight (12 per cent) of breach notifications in EMEA last year came from an external source, FireEye/Mandiant reports.
While organisations discovered breaches internally 88 per cent of the time, this often came too late in the process.
FireEye’s incident response business further reports the mean “dwell time” for breaches in EMEA is 469 days, versus 146 globally. ®
Sponsored: Rise of the machines