Hackers look for easy, high-value targets, survey finds
Attackers deterred by strong defence, will look for new targets after one week of no results
The majority of hackers are looking for easy targets that will yield high-value data, and are easily deterred if a target presents a strong defence, according to a survey of people involved with the ‘attacker’ community.
The survey, conducted by Ponemon Institute on behalf of Palo Alto Networks, found that 73% of attackers hunt for easy ‘cheap’ targets, and 72% believe attackers will stop their efforts in the face of a strong defence.
The survey also found that the average hacker earns less than $30,000 per year from malicious activities, around one quarter of a cybersecurity professional's average yearly wage, and that the majority of technically proficient attackers will spend only one week (209 hours) on a target before moving on if they are unsuccessful in gaining any data.
Palo Alto has released a report on the results, titled ‘Flipping the Economics of Attacks’, which attempts to understand the economic motivation of hackers and what measures can be taken to make a target uneconomical for them.
"As computing costs have declined, so too have the costs for cyber adversaries to infiltrate an organization, contributing to the growing volume of threats and data breaches. Understanding the costs, motivations, payouts, and finding ways to flip the cost scenario will be instrumental in reducing the number of breaches we read about almost daily and restoring trust in our digital age," said Davis Hake, director of cybersecurity strategy at Palo Alto Networks.
The study found that 72% of survey respondents said they won't waste time on an attack that will not quickly yield high-value information, while an increase of approximately 2 days (40 hours) in the time required to conduct successful cyberattacks will dissuade up to 60% of attackers. It takes twice as much time (147 hours) to plan and execute an attack against an organisation with ‘excellent’ IT security versus just 70 hours for a ‘typical’ target.
Ponemon and Palo Alto advise organisations that adopting a breach prevention-first mindset, instead of a detection and incident response approach, can slow down a cyber attacker enough for them to abandon the attack in favour of an easier target. Organisations should also move away from legacy security to next-generation infrastructure, and use integrated systems to provide better insight into what is happening on the network, so that they can respond to attacks before they penetrate the organisation.
"The survey illustrates the importance of threat prevention. By adopting next-generation security technologies and a breach prevention philosophy, organizations can lower the return on investment an adversary can expect from a cyberattack by such a degree that they abandon the attack before it's completed," said Dr. Larry Ponemon, chairman and founder, Ponemon Institute.
The survey queried 304 participants in Germany, the United Kingdom and the United States. 79% of respondents described themselves as involved with the attacker community.