Analysts at Kaspersky Managed Detection and Response discovered that in 2022, more than three high-severity incidents attributed to the human factor were reported every day.
Research by Kaspersky Managed Detection and Response (MDR) revealed that on every day of 2022, Security Operations Center (SOC) analysts discovered more than three high-severity incidents with direct human involvement.
The annual Kaspersky Managed Detection and Response Analyst Report showed that Kaspersky MDR took an average of 43.8 minutes to detect a high-severity incident.
Due to the increase in human-centric attacks, this processing time increased by approximately 6% compared to the previous year.
In terms of the nature of the incidents, 30% were APT3-related, 26% were malware attacks and just over 19% were “ethical hacks” (pen tests, red teaming and any other kind of testing conducted on customer infrastructure to assess the security of IT systems or to verify operational readiness for MDR services).
The percentage of incidents involving critical human vulnerabilities was about 9%. The remaining incidents resulted from the successful use of social engineering techniques or were linked to insider threats.
Sergey Soldatov, head of Kaspersky's Security Operations Center, commented on the report:
“According to the MDR report, artificial, sophisticated attacks are on the rise.
These types of attacks are not amenable to automation and require a lot of resources to investigate, taking up SOC analysts' time.
To effectively detect such attacks, we recommend implementing a comprehensive threat investigation methodology in addition to traditional alert monitoring.”
To strengthen protection against advanced attacks, Kaspersky experts recommend the following:
Develop solutions that combine detection and response capabilities and help detect threats without the need for additional internal resources.
Ensure SOC teams have access to up-to-date threat intelligence and detailed visibility of cyber threats targeting the organization.
Provide your staff with basic cyber security knowledge to reduce the likelihood of targeted attacks.
Implement Incident Response specialist training to improve the expertise of your internal digital forensics and incident response team.
The full Kaspersky Managed Detection and Response Analyst Report 2022 is available here.