Why cyber attacks are getting quicker and costlier
New research reveals the costs associated with recovering from a cyber attack are on the rise as new technologies enable hackers to launch more sophisticated attacks more frequently
The average cost incurred by firms that fell victim to a cyber attack increased in 2023, new research shows, as hackers increasingly waged more frequent, highly targeted attacks.
The Cybernomics 101 report published by IT security specialists Barracuda Networks surveyed 1,917 IT security professionals about changes in the threat landscape over the previous year, and how their business is adapting.
The research found the average cost of responding to compromises exceeded $5 million for the first time in 2023.
The report also found the average cost of an attack in terms of the damage it caused to IT assets, as well as added expenditures on forensic investigations, incident response activities, help desk, and customer service operations, was $2.98 million.
Moreover, forced system downtime and availability problems due to cyber attacks cost companies an average of $2.36 million in terms of revenue losses over the course of the year.
On average, the highest amount paid out for a ransomware attack in 2023 was $1.38 million, which, when considered in combination with the costs outlined above, would prove crippling to many smaller enterprises.
Time is money – rapid attacks and glacial response times
In addition to a cyber incident’s direct financial impact on an organization, the time spent recovering from these attacks is also an important factor when assessing their costs to businesses.
According to the report, on average, it takes a technically proficient hacker approximately six hours to exploit a vulnerability in the wild.
This is dwarfed by the average time the report claims an IT security team will need to investigate, clean, fix, and document a successful phishing attack: 427 hours.
Based on an hourly rate of $72 per hour, this would mean a successful phishing attack costs firms an average of $30,744 per staff member, with a security team of five people this would total $153,720 per successful attack.
Using insights from the ethical hackers taking part in the survey, the report estimated a technically proficient hacker could launch up to 21 attacks a day with a 43% success rate, working out to nine successful attacks a day.
Get insight on commonly found security issues that AI code suggestion tools generate
DOWNLOAD NOW
Almost half of the respondents (48%) familiar with generative AI technologies said its use among threat actors will further reduce the time it takes to exploit vulnerabilities.
Consequently, 50% of respondents said they expect the use of generative AI will increase the number of attacks a skilled hacker can launch per day.
Contrastingly, only 39% of IT security leaders reported they believe their security infrastructure is adequately equipped to protect against GenAI-powered attacks.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2023.
Solomon Klappholz is a Staff Writer at ITPro. He has experience writing about the technologies that facilitate industrial manufacturing which led to him developing a particular interest in IT regulation, industrial infrastructure applications, and machine learning.
Most Popular
By Steve Ranger
By Ross Kelly