Attacks/Breaches

7/30/2015
10:40 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Most Major Financial Hacks Completely Covered Up

Lieberman Software survey reveals most companies are persistently targeted by cyber attacks and the public only finds out about a small portion of security breaches

Los Angeles, CA – June 30, 2015 - Despite devastating cyber attacks being reported daily in today’s media, a new survey from Lieberman Software Corporation reveals that what we see in the press is just a glimpse of reality. 87 percent of IT professionals stated that they believe large financial hacks are happening more often than reported, and right under the nose of security auditors.

The survey also discovered that more than half (51 percent) of IT professionals believe their corporate network is being targeted continuously by hackers. Meanwhile, 71 percent of respondents think that an Advanced Persistent Threat attack will attempt to breach their organization in the next six months. The study was conducted at Microsoft Ignite in May 2015 and measured the attitudes of nearly 150 IT professionals.

Commenting on the survey findings, Philip Lieberman, CEO of Lieberman Software Corporation, said: “The fact that IT professionals believe that data breaches are occurring more frequently than reported is revealing. Due to today’s advanced cyber attacks, intruders are already within most IT environments, are undetectable, and have access to credentials on every compromised machine.”

“Of course, it’s unlikely any company will ever willingly go public about a data breach because of the negative impact it can have on the organization’s reputation and share price. However, this certainly does not mean keeping security incidents a secret is the right thing to do, particularly if customer data is involved.”

Attitudes on Federal Cyber Security Sanctions

Another finding from the study is that 89 percent of respondents believe that recently announced US federal government cyber security sanctions provide a deterrent to cyber criminals. The referenced sanctions allow the United States government to enforce financial and travel restrictions on suspected cyber criminals.

“The new sanctions are an excellent move to provide clarity and direction on how to take action against nation states and criminals who use cyber-space to achieve unlawful economic advantage against US commercial entities,” continued Lieberman. “I agree with the survey respondents that the changes will provide much needed relief for US companies victimized by state-sponsored cyber attacks, as well as clarity for US government agencies tasked with enforcing laws and treaties.”

For more information on the survey, visit http://www.liebsoft.com/IT-Professional-Survey/.

About Lieberman Software Corporation

Lieberman Software proactively stops cyber attacks that bypass conventional enterprise defenses and penetrate the network perimeter. The company provides award-winning privilege management and security management products to more than 1,400 customers worldwide, including nearly half of the US Fortune 50. By automatically securing privileged access - both on-premises and in the cloud - Lieberman Software controls access to systems with sensitive data, and defends against malicious insiders, zero day attacks and other advanced cyber threats. Lieberman Software is headquartered in Los Angeles, CA, with offices and channel partners located around the world. For more information, visit www.liebsoft.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
BEC Scammer Pleads Guilty
Dark Reading Staff 3/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15583
PUBLISHED: 2019-03-25
Cross-Site Scripting (XSS) vulnerability in point_list.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter.
CVE-2017-7340
PUBLISHED: 2019-03-25
A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the applicationSearch parameter in the FortiView functionality.
CVE-2014-9187
PUBLISHED: 2019-03-25
Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recomme...
CVE-2014-9189
PUBLISHED: 2019-03-25
Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial of service. Honeywell...
CVE-2019-10044
PUBLISHED: 2019-03-25
Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters e...