Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

4/23/2012
10:05 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

61% Of IT Security Professionals Are Concerned About Attacks From Anonymous And Hacktivists

Bit9 survey also showed that IT executives are most concerned about malware and spear phishing attacks

WALTHAM, Mass. – April 23, 2012 – Concerns over hacktivism and targeted state-sponsored attacks are at the top of security professionals’ minds according to a new survey and research report sponsored by Bit9. The 2012 Cyber Security Survey of nearly 2,000 IT security experts set out to gauge the current state of enterprise security and identify the attack methods and cybercrimal groups that keep IT executives up at night. Complete survey results can be viewed online at http://www.bit9.com/cyber-security-research-2012.

According to Bit9’s survey, 64 percent of respondents believe their organization will be the target of a cyber attack in the next six months. As to the type of attackers that are most likely to target their organization, “Anonymous/ hacktivists” leads the survey at 61 percent, “cyber criminals” follows, and “nation states” rank third, with China ranking as the most likely actor. In addition, the vast majority (74 percent) believe that their endpoint security solutions on their laptops and desktops are not doing enough to protect their companies and intellectual property (IP) from cyber attacks.

Click to Tweet: @Bit9 Cyber Security Survey discusses #Anonymous, #security and #databreach disclosures http://bit.ly/HLruix

“The survey results put a spotlight on an interesting contradiction: on the surface, people are most afraid of embarrassing, highly publicized attacks from hacktivist organizations like Anonymous, but they recognize that the more serious threats come from criminal organizations and nation states,” said Harry Sverdlove, CTO of Bit9. “Bit9’s survey highlights how the quickly changing cybercrimal landscape is impacting IT professionals worldwide and illustrates what strategies organizations are implementing to protect their core data and intellectual property from cyber security threats.”

Highlights from the Bit9 2012 Cyber Security Survey include:

· More than half (61 percent) of respondents believe Anonymous and other hacktivist groups are most likely to target their organization – IT professionals express concern over the high-profile attacks led by hacktivist groups like Anonymous, and followed by cyber criminals (55 percent) and nation states, specifically China and Russia (48 percent ). Interestingly, only 28 percent believe that disgruntled employees are the most likely to target their companies.

· Sixty-two percent of respondents are most concerned about targeted attack methods – Malware (45 percent) and spear phishing (17 percent) techniques commonly used in targeted criminal and state sponsored espionage attacks are most worrisome. Concern about attack methods commonly used by hacktivists trailed: 11 percent for distributed denial of service (DDoS) and only 4 percent for SQL injection.

· Seventy-seven percent of respondents – a vast majority – believe companies and employees are in best position to improve security – 58 percent of respondents said companies implementing best practices and better security policies are in the best position to improve enterprise security, and 19 percent believe individual employees play an important role in improving the state of security. Despite current plans to implement cyber security legislation, only 7 percent believe that government regulation and law enforcement will best improve security.

· Only 26 percent of IT professionals feel that the security of their endpoints, laptops and desktops, is effective – The survey shows that respondents consider endpoints most “at risk.” However, even those machines that score the highest for most effective security – infrastructure servers at 40 percent and file servers at 36 percent – have been frequent targets for hackers of late.

· Ninety-five percent of respondents believe cyber security breaches should be disclosed to customers and to the public – Almost half of respondents (48 percent) feel that breached companies should not only disclose the breach, but they should also provide a description of what is stolen, while nearly a third (29 percent) believes a description of how the attack occurred should also be shared. Only 6 percent felt that nothing should be disclosed.

For more information on the Bit9 2012 Cyber Security Survey and to view the full survey results and research report, please visit: http://www.bit9.com/cyber-security-research-2012

To hear Harry Sverdlove discuss the survey and key results visit: http://www.bit9.com/tv/

For additional survey analysis and takeaways, visit Bit9’s blog: http://blog.bit9.com

To view survey infographic please visit: www.bit9.com/cyber-security/graphic.php

Bit9 APT Research Report Survey Methodology

Bit9 conducted an online survey of 1,861 IT and security professionals worldwide. Survey respondents work for companies in a wide range of industries, including: technology, healthcare, and retail, as well as in government agencies. The majority of companies represented in the survey (66 percent) work for organizations with more than 500 employees.

About Bit9

Bit9, the global leader in Advanced Threat Protection and Endpoint Security, protects the world’s intellectual property (IP) by providing innovative, trust-based security solutions to detect and prevent sophisticated malware and cyber threats. The world’s leading brands rely on Bit9’s award-winning Advanced Threat Protection Platform for endpoint protection and windows server security.

Bit9 stops advanced persistent threats by combining real-time sensors, cloud-based software reputation services, continuous monitoring and trust-based application control and whitelisting—eliminating the risk from malicious, illegal and unauthorized software. Bit9 also offers windows domain controller solutions to protect against modern cyber threats.

The company’s global customers come from a wide variety of industries, including e-commerce, financial services, government, healthcare, retail, technology and utilities. Bit9 was founded on a prestigious United States federal research grant from the National Institute of Standards and Technology – Advanced Technology Program (NIST ATP) to conduct the research that is now at the core of the company’s solutions.

Bit9 is privately held and based in Waltham, Mass. For more information, visit http://www.bit9.com, follow us on Twitter @Bit9, Facebook and Google+, or call +1 617-393-7400.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-24259
PUBLISHED: 2021-05-05
The “Elementor Addon Elements� WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24260
PUBLISHED: 2021-05-05
The “Livemesh Addons for Elementor� WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24261
PUBLISHED: 2021-05-05
The “HT Mega – Absolute Addons for Elementor Page Builder� WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by ...
CVE-2021-24262
PUBLISHED: 2021-05-05
The “WooLentor – WooCommerce Elementor Addons + Builder� WordPress Plugin before 1.8.6 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-priv...
CVE-2021-24263
PUBLISHED: 2021-05-05
The “Elementor Addons – PowerPack Addons for Elementor� WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scriptin...