The UK has been the greatest target of advanced cyber attacks in Europe, the Middle East or Africa (Emea) in the first half of 2014, according to a report.
APTs refer to cyber attacks in which unauthorised parties gain access to a network and stay there undetected for a long time.
APT attacks typically involve complex malware designed to steal data from organisations in sectors with high-value information such as national defence, manufacturing and finance.
Germany was the second most targeted country in the Emea region (12%), followed by Saudi Arabia (10%), Turkey (9%) and Switzerland (8%).
At the lower end of the ranking were France (4%), Sweden (4%) and Spain (3%).
- Assume your organisation is a target and that existing security controls can be bypassed.
- Establish a cyber-risk framework that enables the business with board-level sponsorship.
- Establish an incident response/management service to detect and react to an APT event quickly.
- Enhance your visibility with external threat intelligence to understand who might attack you and how to avoid the tools, techniques and procedures they use.
- Bring in technology that could identify an APT.
“Motivated by numerous objectives, threat actors are evolving the level of sophistication to steal personal data and business strategies, gain a competitive advantage or degrade operational reliability,” the report said.
The data was drawn from anonymised customers using FireEye’s Threat Prevention Platform, which is designed to provide real-time, dynamic threat protection without the use of signatures.
The data showed the number of unique infections associated specifically with targeted attacks nearly doubled in the Emea region in the first half of 2014.
Government, financial services and telecommunications were the most highly targeted sectors, representing more than 50% of APTs detected in the region. The energy sector was also a top target.
“Advanced attacks are the new reality for business and government,” said Richard Turner, regional vice-president at FireEye.
“By preparing an effective defensive strategy, organisations can avoid the risk of sitting on the sidelines as their data and intellectual property find their way to competitors, adversaries or hacktivists," he said.
Attackers are targeting high-value organisations and are making their way in. The high number of APT events suggests a large level of information theft
APTs most often start with advanced email attacks such as spear phishing to trick recipients into clicking on a malicious link that gives the attacker control of the recipient’s PC or device, according to Mark Sparshott, regional director at Proofpoint.
“This report correlates with Proofpoint's research in early September which found that unsolicited email destined for recipients in the UK is proportionally almost three times more likely to contain a malicious link than in the US, Germany or France,” he said.
The FireEye report said the evidence demonstrates that organisations in the region continue to be targets for advanced threats.
“Attackers are targeting high-value organisations and are making their way in. The high number of APT events suggests a large level of information theft,” the report said.
Earlier this month, the latest Global state of information security report by PwC also found that UK firms are suffering more cyber security incidents than their global counterparts.
The report said 69% of UK companies had experienced a security incident in the past 12 months, compared with 59% globally.
READ MORE ON CYBER SECURITY
- Cyber security failing in execution, says ex-US cyber czar
- Protective monitoring key part of DWP cyber security
- Nato and business join forces to tackle cyber security threats
- UK government launches cyber security support scheme
- Government mandates Cyber Essentials for public-sector supply chain
The PwC report noted that UK firms are falling behind in identifying breaches, with more than 22% of UK companies surveyed admitting they failed to detect any security incidents in the past year, compared with only 16% globally and 18% in Europe.
The UK government has identified cyber attacks as a top threat to national security and, as part of a raft of initiatives to increase cyber defences, has mandated a minimum security standard for suppliers.
This applies to all suppliers bidding for government contracts that involve handling sensitive and personal information.
CES was developed by the government in consultation with industry and launched in June 2014. It aims to raise the cyber security bar in UK business.
The scheme was developed with the Information Assurance for Small and Medium Enterprises (IASME) consortium, the Information Security Forum (ISF) and the British Standards Institution (BSI).