Threat Research

Six Reasons Why Attackers Successfully Exploit the Security Gap

Earlier this month, our CEO, Kevin Mandia testified before the Senate Judiciary Subcommittee on Crime and Terrorism on cyber threats and the release of our APT 1 report. He focused his testimony on three areas: cyber threats facing businesses, countering the threats, and law enforcement's role in helping protect businesses and their intellectual property. In his testimony, Kevin focused on advanced targeted threats that organizations are unable to prevent. He specifically lays out the following reasons why attackers continue to exploit the security gap successfully:

  1. Sophisticated, cutting-edge attacks that were previously reserved solely for government targets have now spread to the private sector.
  2. Previous generations of attacks targeted technology and exploited vulnerabilities in software, but attackers have now evolved to target human inadequacies and weaknesses.
  3. More attacks are coming from the "inside." That is more secure companies may be attacked through their less secure partners or vendors.
  4. The imbalance of cyber-attackers against the limited number of defenders in the U.S.
  5. Advanced attackers reside in nations that not only refuse to hold attackers accountable for their crimes, but provide resources and direction to the attackers.
  6. One of the most valuable resources in detecting and responding to cyber-attacks - accurate and timely threat information - is often unavailable to many defenders.

Due to these factors, there are two types of organizations today: ones that know they have been compromised and ones that do not know that they've been compromised, according to Kevin.