Cyberattack traffic increased significantly in 2018, according to research by F-Secure, but companies are struggling to detect incidents.
The Finnish cybersecurity giant monitored a network of decoy honeypots, which are designed to look like conventional websites and networks commonly targeted by attackers. These are used to research the methods attackers use, as well as to get a picture of wider changes in cyberattack traffic.
F-Secure found that such traffic climbed 32% from 2017 to 2018. Notably, the second half of 2018 saw a dramatic surge, growing 400% from the first half.
It is likely that this increase has also occurred across the wider online world, suggesting that companies are being attacked more frequently. However, this does not mean they are aware this is happening.
Companies are struggling to detect cyberattack traffic
According to research by F-Secure, companies do not have the ability to see much of the cyberattack traffic that makes it past common defences such as firewalls and endpoint protection solutions.
In a survey by the company, 22% of companies failed to detect a single attack across 12 months, while 20% detected just one attack and 31% detected 2-5.
The real numbers are likely to be dramatically higher.
Among F-Secure’s own clients, the company detected 15 attacks in just one month at a company with 1,300 endpoints, the end-user devices connected to its network. At another company with 325 endpoints, the number was seven in a single month.
This indicates that companies lack an understanding of what is really going on in their networks when it comes to cyberattack traffic.
“Today’s threats are completely different from 10 or even 5 years ago. Preventative measures and strategies won’t stop everything anymore, so I’ve no doubt that many of the companies surveyed don’t have a full picture of what’s going on with their security,” said Leszek Tasiemski, vice president of Cyber Security Products Research & Development at F-Secure.
“Many organisations don’t really value security until an incident threatens to cost them a lot of money, so I’m not completely surprised that there are companies detecting zero attacks over the course of a year.”