Lack of patching and application security behind 27 percent of breaches: SISA

Forensics-driven global cybersecurity company SISA on Thursday released its biennial information security report ‘SISA Top 5 Forensic Driven Learnings – 2022-2023’. Based on findings from SISA’s forensics investigations, incident response and security audits carried out between April 2020 and December 2021, the report offers an in-depth view of the most common exploits and intruder actions, features detailed commentary on trends observed across the breach life cycle, and highlights top factors driving global data breaches.

Some of the report’s top findings are:

• The frequently used vector to gain initial access is phishing attacks and malware deployment – observed in nearly 43% of cases.
• Intruders are increasingly targeting applications hosted in the User Acceptance Testing (UAT) environment and/or non-critical applications like the Human Resources Management System (HRMS), travel portals, etc., for deploying web application exploits.
• Lack of patching/application security is a key factor causing 27% of breaches and 46% of the time serving as a contributing factor. This is followed by inadequate antivirus (AV) and access control resulting in 11% of the breaches and contributing to 41% of them.
• Synchronized ransomware attack, where the entire data centre and disaster recovery (DR) site are taken down and backup copies are ingested with malware, is one of the top action on objectives observed over the past 1.5 years.

READ | WhatsApp to offer cashback rewards to boost peer transfers, merchant payments in India

On the release of the report, Lt General (Dr) Rajesh Pant, the national cyber security coordinator at the Prime Minister’s Office (PMO), who was the chief guest at the event, said, “World over, data breaches are soaring despite an ever-increasing investment in cybersecurity tools and technologies. A host of factors ranging from exponential growth in the volume of data, rising adoption of APIs, distributed IT landscape, acceleration of digital transformation, and increasing lucrativeness of cybercrime, are fuelling this surge. As intruders weaponize AI/ML tools to exploit vulnerabilities across IT infrastructures, it is imperative for organizations to outsmart even the most sophisticated intruder.”

General Pant spoke of exponential rise in cybercrimes in the wake of accelerated digital transformation brought about by the pandemic and urged enterprises to step up defences. He also mentioned how 5G, IoT and edge computing will likely present newer avenues for cyber criminals to carry out large-scale attacks especially targeted at critical infrastructure.

READ | Is your address, phone number on Google? now you can submit request to remove personal details

Dharshan Shanthamurthy, Founder & CEO, SISA, shared his thoughts on the importance and relevance of the report, “Intruders are not just targeting high-valuation companies, but every firm regardless of size and then monetizing them. It is alarming to note that on an average, an intruder resides in the company network for about 180 days, giving enough room to penetrate into critical systems and carry out large-scale attacks. The findings from the report have further underscored the importance of frequent patching, secure access management, robust intelligent monitoring and effective incident response systems.”