Palo Alto Networks: Malicious Hackers Aren't That Patient

Increasing the time it takes to breach an organization by only two days discourages profit motive for attackers.

Channel Partners

February 2, 2016

2 Min Read
Hacker

Cyberattackers are opportunistic and aim for the easiest targets first. That’s according to results of a new survey released by security provider Palo Alto Networks.

Researchers at the Ponemon Institute conducted the survey of more than 300 people in Germany, the U.K. and the U.S. — 79 percent of whom describe themselves as “involved with the attacker community.”

The survey reveals that cyberattackers aren’t very patient. Nearly three-quarters (72 percent) of respondents said they won’t waste time on an attack that will not quickly yield high-value information. For every 40 additional hours it takes a malicious hacker to conduct a successful attack, the likelihood of that attack reduces by 60 percent.{ad}

Think these cyber bad guys are raking in the dough? Not really, if they’re being honest. The average cyberattacker earns less than $30,000 per year from being a black hat; that’s about one-quarter of a cybersecurity pro’s average annual salary.

The survey also sheds light on the efficacy of strong security systems — an excellent one can more than double the amount of time for a good hacker to intrude. And remember, most hackers aren’t that patient; they’ll move on to an easier target in most cases.

That’s all the more important when you consider, along with the costs of computing, that the overhead for cyberattackers also has fallen. It provides a good warning for both businesses and their channel partners.

“Understanding the costs, motivations, payouts, and finding ways to flip the cost scenario will be instrumental in reducing the number of breaches we read about almost daily and restoring trust in our digital age,” said Davis Lake, director of cybersecurity strategy at Palo Alto Networks.

Dr. Larry Ponemon, chairman and founder, Ponemon Institute, said the survey shows how important threat prevention is and how investing in next-generation technology is a good idea.

“By adopting next-generation security technologies and a breach-prevention philosophy, organizations can lower the return on investment an adversary can expect from a cyberattack by such a degree that they abandon the attack before it’s completed,” said Ponemon.

Here are a few recommendations you can take into account to increase your defense against cyberattackers that might cause them to abandon the attack altogether.

  • Make yourself a hard target. Adopting a stronger, prevention-first, security system, instead of a detection and incident response approach, can slow down cyberattackers and cause them to abandon the attack in favor of an easier target.

  • Invest in next-generation capabilities and turn your network visibility into actionable intelligence. The use of next-generation security capabilities that automate preventive action are the best defense against today’s advanced cyberthreats.

  • Turn your network visibility into actionable intelligence. A prevention-focused security system relies on solid technologies like next-generation firewalls, network intelligence, and threat information sharing. This provides defenders with a clearer picture of what is happening inside their network.

Read more about:

Agents
Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like