March 5, 2019

Cyberattack traffic climbed by a third in 2018

By Lucy Ingham

Cyberattack traffic increased significantly in 2018, according to research by F-Secure, but companies are struggling to detect incidents.

The Finnish cybersecurity giant monitored a network of decoy honeypots, which are designed to look like conventional websites and networks commonly targeted by attackers. These are used to research the methods attackers use, as well as get a picture of wider changes in cyberattack traffic.

F-Secure found that such traffic climbed 32% from 2017 to 2018. Notably, the second half of 2018 saw a dramatic surge, growing 400% from the first half.

It is likely that this increase has also occurred across the wider online world, suggesting that companies are being attacked more frequently. However, this does not mean they are aware this is happening.

Companies are struggling to detect cyberattack traffic

According to research by F-Secure, companies do not have the ability to see much of the cyberattack traffic that makes it past common defences such as firewalls and endpoint protection solutions.

In a survey by the company, 22% of companies failed to detect a single attack across 12 months, while 20% detected just one attack and 31% detected 2-5.

The real numbers are likely to be dramatically higher.

Among F-Secure’s own clients, the company detected 15 attacks in just one month at a company with 1,300 end-user devices connected to its network, also known as endpoints. At another company with 325 endpoints, the number was seven in a single month.

This indicates a lack of understanding by companies of the reality of what is going on in their network when it comes to cyberattack traffic.

“Today’s threats are completely different from 10 or even 5 years ago. Preventative measures and strategies won’t stop everything anymore, so I’ve no doubt that many of the companies surveyed don’t have a full picture of what’s going on with their security,” said Leszek Tasiemski, vice president of Cyber Security Products Research & Development at F-Secure.

“Many organisations don’t really value security until an incident threatens to cost them a lot of money, so I’m not completely surprised that there are companies detecting zero attacks over the course of a year.”

Verdict deals analysis methodology

This analysis considers only announced and completed deals from the GlobalData financial deals database and excludes all terminated and rumoured deals. Country and industry are defined according to the headquarters and dominant industry of the target firm. The term ‘acquisition’ refers to both completed deals and those in the bidding stage.

GlobalData tracks real-time data concerning all merger and acquisition, private equity/venture capital and asset transaction activity around the world from thousands of company websites and other reliable sources.

More in-depth reports and analysis on all reported deals are available for subscribers to GlobalData’s deals database.

Topics in this article: