In this, our third Italian threat report, we find that attack frequency and has reached unprecedented levels; 98% of security professionals said the volume of attacks they faced has increased, this is up from February and October 2019 when we saw 93% and 89% increases respectively. Attackers are employing a more diverse range of tactics and techniques than ever before as they bid to extort, disrupt and infiltrate organisations.
The considerable leap in attack frequency revealed in this iteration of the report shows that, however fast Italian businesses may be adapting to the intensifying environment, the cyber threat landscape is evolving faster. 85% of security professionals say attacks have become more sophisticated, 5% of those say they have become significantly more advanced with 80% stating that attacks have become moderately or slightly more sophisticated.
99% of Italian respondents said they had suffered a data breach as a result of a cyberattack in the past 12 months.
In addition to the general escalation in intensity, this report reveals a shift in the causes of successful breaches. Island hopping, despite only featuring third in the most prolific attack type experienced, was the top cause of breaches (26%), followed by OS vulnerability and web application attack.
Furthermore, 11% of breached businesses had been compromised via their supply chain. Clearly, the extended enterprise ecosystem is generating considerable security concerns.
Italian security professionals are responding to the uptick in cyber threats by boosting cyber defence spending. All but two of our survey participants (99%) anticipated an increase in spend.
Where that spend will be directed is an interesting question. Respondents told us unequivocally that threat hunting is paying dividends and increasingly being recognised for its value in identifying malicious actors already in the system, so it seems likely this investment will continue, but what of emerging risks?
Google Drive™ (Cloud-based attacks) top the table with over a quarter of respondents seeing it as the most frequent attack type (27%). This was followed by process hollowing (18%) and island hopping at 15%. Custom malware has seen a drop to 7% whereas in the last report it was at 28%. Similarly, Ransomware has dropped from 16% to 2% this time around.
Indicating a growing attacker focus on gaining undetected access to networks, the frequency of process hollowing attacks has grown to 18%. Also appearing on the attack radar is island hopping, seen in 15% of incidents. While this figure may seem relatively low, these types of attacks are proving effective, as later analysis shows.
Interestingly, cryptojacking has also dropped from the third most-frequently experienced attack to 11th on the list, comprising just 2% of attacks compared to 12% in October 2019.
Financial services are at the mercy of google drive attacks with 43% saying this was the most frequently experienced attack type (compared with an average of 27%).
Manufacturing and engineering company respondents were significantly affected by google drive attacks with 24% experiencing these and process hollowing at 21% compared to an average of 18%.
59% of respondents reported financial impact following a breach.
43% of companies in the financial services sector said they had suffered severe reputational impact as a result of a breach.