Real World Threat Report
|This first-of-its-kind study examines data from more than 1,600 FireEye network and email appliances in real-world settings. The FireEye devices were part of more than 1,200 “proof-of-value” trials in actual deployments, where they sat behind other defensive layers but were not set to block malicious activity. That unique vantage point revealed a deeply flawed defense-in-depth model.
The study gets its title from France’s famed Maginot Line — the technically impressive 940-mile border defense that Germany simply bypassed with a novel blitzkrieg style of warfare. Like the Maginot Line, today’s cyber defenses are fast becoming a relic in today’s threat landscape. Organizations spend billions of dollars every year on IT security. But attackers are easily outflanking these defenses with clever, fast-moving attacks.
Key findings include:
• Nearly all (97 percent) organizations had been breached, meaning at least one attacker had bypassed all layers of their defense-in-depth architecture.
• More than a fourth of all organizations experienced events known to be consistent with tools and tactics used by advanced persistent threat (APT) actors.
• Three-fourths of organizations had active command-and-control communications, indicating that attackers had control of the breached systems and were possibly already receiving data from them.
• Even after an organization was breached, attackers attempted to compromise the typical organization more than once per week (1.59) on average.