Kaspersky Managed Detection and Response analysts found that in 2022, more than three high-severity human-caused incidents were reported every day.
Research by Kaspersky Managed Detection and Response (MDR) revealed that Security Operations Center (SOC) analysts discovered more than three high-severity incidents with direct human involvement on each day of 2022.
The annual Kaspersky Managed Detection and Response Analyst Report showed that high-severity incidents required an average of 43.8 minutes to be detected by Kaspersky MDR.
Due to the increase in human-centric attacks, this processing time increased by approximately 6% compared to the previous year.
In terms of the nature of the incidents, 30% were APT3 related, 26% were malware attacks and just over 19% were “ethical hacks” (pen tests, red teams and any other type of pentests conducted on customer infrastructures for the assessment of the security of IT systems or the control of operational readiness for MDR services).
The percentage of incidents that were critical vulnerable spots with people was about 9%. The remaining incidents resulted from or were linked to the successful use of social engineering techniques and internal threats.
Commenting on this report, Sergey Soldatov, head of Kaspersky's Security Operations Center, said:
“According to the MDR report, artificial, sophisticated attacks are on the rise.
These types of attacks are not amenable to automation and require a lot of resources to investigate, taking up SOC analysts' time.
To effectively detect such attacks, we recommend implementing a comprehensive threat investigation methodology in addition to the traditional monitoring alarms.”
To strengthen protection against advanced attacks, Kaspersky experts recommend the following:
- Develop solutions that combine detection and response capabilities that help detect threats without the need for additional internal resources.
- Ensure SOC teams have access to up-to-date threat intelligence and detailed visibility of cyber threats targeting the organization.
- Provide your staff with basic cyber security knowledge to reduce the likelihood of targeted attacks.
- Implement Incident Response specialist training to improve the expertise of your internal digital forensics and incident response team.
The full Kaspersky Managed Detection and Response Analyst Report 2022 is available here.