Some Companies Never Know They Are Under Attack

Not all cyberattacks are visible, and some companies don't know they are under attack and have no clue as to the effects of such an attack on their organization, according to a new study.

Companies with any online exposure will almost certainly be targeted sooner or later. And when an actual cyberattack takes place, it's never like in movies; there no visual indicators or alarms going off in the distance. Most of the time, organizations will notice problems with their Internet traffic, or the Security Operation Center (SOC) determines that the business is under attack.

Not surprisingly, in some situations, companies won't be aware they are under attack. In the worst-case scenario, the infrastructure of an organization is breached, but the attackers remain hidden. Depending on their intentions, they could lay low and wait for the right time to strike or start exfiltrating sensitive data right away.

A recent Radware survey of more than 550 respondents from a wide variety of industries worldwide showed that 22% of them were not even aware of an impending attack. This problem is more commonly known as the visibility issue, and it's usually found in organizations that don't monitor their internal data traffic.

For example, Bitdefender offers a solution called Network Traffic Security Analytics (NTSA), which is designed to tackle this precise problem. Using a combination of machine learning and behavior analytics, the SOC monitors the infrastructure and makes determinations about infiltrations if the endpoints are not triggered.

Even if an organization has all the protections in place to safeguard the company's devices, it's still difficult to account for people bringing their own unsecured devices (BYOD – bring your own device) or for Internet of Things (IoT) devices that don't show up as tradition endpoints. Coupled with the fact that many companies choose to move their operations into the cloud, the number of possible attack vectors increases significantly.

The survey unveiled a number of other worrying aspects of the visibility issue. For example, 27% of companies attacked have no idea what the hackers want, and 13% have no clue as to how a cyberattack will impact their business.

Finally, 30% of the respondents don't monitor east-west traffic, which is a term for traffic inside the infrastructure. It's easy to think of attacks as coming from the outside, but that's not always the situation. Solutions such as NTSA can detect insider threats as well, which can be as simple as an employee accessing resources that he shouldn't and moving up to industrial espionage.