Human error in cyberspace

Analysts at Kaspersky Managed Detection and Response discovered that in 2022, more than three high-severity incidents attributed to the human factor were reported every day.


Research by Kaspersky Managed Detection and Response (MDR) revealed that Security Operations Center (SOC) analysts discovered more than three high-severity incidents with direct human involvement on each day of 2022.

The annual Kaspersky Managed Detection and Response Analyst Report showed that Kaspersky MDR needed an average of 43.8 minutes to detect a high-severity incident.

Due to the increase in human-centric attacks, this processing time increased by approximately 6% compared to the previous year.

In terms of the nature of the incidents, 30% were APT3 related, 26% were malware related and just over 19% were “ethical hacks” (pen tests, red teams and any other type of pentests conducted on customer infrastructures to assess the security of IT systems or check operational readiness for MDR services).

The percentage of incidents that involved critical vulnerabilities with human involvement was about 9%. The remaining incidents resulted from the successful use of social engineering techniques or were linked to insider threats.

Commenting on this report, Sergey Soldatov, head of Kaspersky's Security Operations Center, said:

“According to the MDR report, artificial, sophisticated attacks are on the rise.

These types of attacks are not amenable to automation and require a lot of resources to investigate, taking up SOC analysts' time.

To effectively detect such attacks, we recommend implementing a comprehensive threat investigation methodology in addition to traditional alert monitoring.”

To strengthen protection against advanced attacks, Kaspersky experts recommend the following:

  • Develop solutions that combine detection and response capabilities that help detect threats without the need for additional internal resources.

  • Ensure SOC teams have access to up-to-date threat intelligence and detailed visibility of cyber threats targeting the organization.

  • Provide your staff with basic cyber security knowledge to reduce the likelihood of targeted attacks.

  • Implement Incident Response specialist training to improve the expertise of your internal digital forensics and incident response team.

The full Kaspersky Managed Detection and Response Analyst Report 2022 is available here.


Written by Anastasis Vasileiadis
