Logs missing in 42% cyberattacks; small business most vulnerable: Report


Incident Details

In a study conducted by cybersecurity firm Sophos, it was revealed that telemetry logs, responsible for data collection, transmission, and measurement, were absent in 42% of the scrutinized cyberattacks. Titled 'The Active Adversary Report for Security Practitioners,' the report examines incident response (IR) cases from January 2022 to June 30, 2023, encompassing 232 cases across 25 different sectors. The findings also indicate that in 82% of these attacks, threat actors intentionally eliminated or disabled telemetry to obfuscate their activities. The targeted organizations were located in 34 countries spread across six continents, with 83% of the incidents originating from establishments with fewer than 1,000 employees.

Incident

How Did the Breach Happen?

Cybercriminals intentionally disabled or deleted telemetry logs in order to hide their activities.

What Data has been Compromised?

The details regarding the compromised data are not specified in the report.

Why Did the Company's Security Measures Fail?

The security protocols implemented by the company proved ineffective as cyber attackers successfully disabled or deleted telemetry logs, leading to a diminished ability to monitor the network and systems.

What Immediate Impact Did the Breach Have on the Company?

The exact consequences of the security breach are not detailed in the information available.

How could this have been prevented?

In order to avoid this security breach, the company could have incorporated more robust security protocols to safeguard telemetry logs and maintain their authenticity.

What have we learned from this data breach?

The recent security incident has highlighted the critical need for keeping thorough and precise telemetry records to enhance incident handling and network surveillance.

Summary of Coverage

The findings from Sophos' Active Adversary Report reveal that in 42% of the cyberattacks studied, important telemetry logs were either absent or tampered with by cybercriminals to conceal their activities. This security breach affected smaller organizations with fewer than 1,000 employees in various countries. The incident underscores the importance of enhancing security protocols to safeguard telemetry logs and ensure continuous monitoring of network operations.
