US spanks EU businesses in race to detect p0wned servers European organisations are taking longer to detect breaches than their counterparts in North America, according to a study by FireEye. Organisations in EMEA are taking almost six months (175 days) to detect an intruder in their networks, which is rather more than the 102 days that the firm found when asking the same questions …
This post has been deleted by its author
Who could possibly want to "joe job" Iran, North Korea, etc.? My money would be on the CIA* being behind these attacks.
- Known to be wildly out of control
- Known to attack both friendly and hostile nations
- Known to cover their tracks and lie.
- Known to have the technological capabilities.
No offence to Iran and North Korea, but I just don't see them as sophisticated state actors.
* "intelligence" in the information collection sense rather than the more common definition.
@Anonymous Coward: "First thing to do when launching an attack is compromise a remote machine and launch the attack from there."
Are you some kind of an expert, cause the Russian GRU (76 Khoroshyovskoe shosse) uses an IP address registered to their own street address. And some agent forgot to turn the VPN on when he was hacking the DNC. I know this cause I read this on The Register.
"Are you some kind of an expert, cause the Russian GRU (76 Khoroshyovskoe shosse) uses an IP address registered to their own street address. And some agent forgot to turn the VPN on when he was hacking the DNC. I know this cause I read this on The Register."
Do you have a reading comprehension issue?
I said:
"The IP of where the attack comes from...
... is no indication of who is in control of it."
Who's to say the PC in Russia was not compromised first to launch the attack from there.
So when you find a data breech linked back to an attacking ip address, who do you report it to.
That machine is most likely compromised. True, but without any stats or other details, your deliberately
But locally at least, the feds(Australia) had up on their website about 12 months ago, that they were not interested in receiving information unless the attack originated within Australia.
So when I find an attack that has done damage to a business, cause its a small business, no one is interested in the last hop? No one wants to know? Just file insurance claims and move on....
head meet hole in sand.
Dear Sir,
"Organisations in EMEA are taking almost six months (175 days) to detect an intruder in their networks, which is rather more than the 102 days that the firm found when asking the same questions last year. In contrast, the median dwell time in the Americas has improved from at 76 days in 2017, compared with 99 in 2016. Globally it stands at 101 days."
Stone-editor... Again!
Regards,
Guus
Certainly how I interpret the article. Various EU countries have been upping the "cybersecurity" ante for years and independently of GDPR but focussing on key sectors. I would have thought that up until very recently most companies wouldn't be able to know whether they were being attacked or not. GDPR is at least doing a great job in increasing awareness of the problem.
They had free run of the companies servers for about 6 months.
Why wouldn't they think that after a few months without being hit the company would return to the same lazy, slipshod ways that let them gain access in the first place?
This is the internet.
If the reward is big enough or the cost (of compromising someone) small enough (because they essentially have no security) then any company is likely to get a visit.
It's not if, it's when.
A meaningless metric, someone breaks in steals data and leaves erasing evidence of their presence or else they're good enough to remain undetectable. FireEye, are they the same outfit that provided 'protection' to Equifax.
"FireEye has historically blamed China" .. or Iran or North Korea or Russia or Sudan or Syria or Venezuela or the supreme leader of a race of albino shape-shifting reptilian humanoids from a planet in the Sirius Star System.
'as the geo-political landscape has changed Russia and North Korea are getting more and more "credit" for alleged cyber-nasties.'
Do you mean as to whom ever is Uncle Sams current cyber bogeyman. Please, enough of this neocon cyber-scare stories, you're not addressing the average Faux News viewer. FireEye staffed by alleged former intelligence agents of the US and a certain middle eastern nation, come on, you do the 'Math' :]
"FireEye has historically blamed China" .. or Iran or North Korea or Russia or Sudan or Syria or Venezuela or the supreme leader of a race of albino shape-shifting reptilian humanoids from a planet in the Sirius Star System."
"you're not addressing the average Faux News viewer. FireEye staffed by alleged former intelligence agents of the US and a certain middle eastern nation, come on, you do the 'Math' :]
Best post ever!
GDPR gives you 4 days to contact authorities after you have VERIFIED that a breach has taken place. There is no penalty for being slow to detect, or reading about your breach in media.
GDPR is mostly an excercise in getting documentation and processes in place, and very little about necesary technical controls.
That GDPR rule aims at people being notified quickly when a breach is discovered, you can't keep it "secret" while you offload your shares. But it's not the only rule - you can be fined for other reasons as well, for not protecting data well enough.
The fact you can't delay much the notification of a breach, and face their consequences or face big fines, should be an incentive to keep a closer eye on what happens on your systems to minimize breaches and their effects.
The good thing of the GDPR is exactly it doesn't mandate any technology, which would make it obsolete well before next May.
That's exactly what I came here to say too! EMEA appears to be a US contrived acronym invented by US multi-nationals purely for regional C-Suite accountants and probably has less relevance than DVD region codes when it comes to grouping countries together. If someone is going to use EMEA for a number, then the comparison should be with "America" as a whole, ie including Central and South American countries.
EMEA is a also an absolutely huge area that would contain 2.2 billion people if it were a geopolitical entity (which it isn't). The European Union only contains 508 million people.
It contains the entire African continent and the whole Middle East.
So the figure are utterly meaningless for the EU and contains a huge amount of countries (in fact far more than are in the EU) which would not have anything like its level of development or regulation.
It's actually twice the size of the population of the entire American continent (North and South).
As a region it's utterly meaningless and probably has something to do with using 230V 50Hz power or something like that.
You might as well compare the EU to AMChina (some weird amalgamation of North and South America and the Chinese Market)
It's about as useful a term as "Overseas" vs "US"
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
