Security Advisor

Report Finds 97 Percent of Networks Have Been Breached

The report by security firm FireEye found that network security can't keep up with the sophistication of today's attacks.

No matter how tight your network security is, chances are you have already been compromised by attackers and will be compromised in the future.

That's the finding of FireEye's latest cybersecurity assessment report (PDF) which found that 97 percent of the 1,614 networks monitored across 1,216 organizations were breached during a six-month monitoring period between October 2013 and March 2014. The Calif.-based security firm compared the high breach rate with the French Maginot Line -- a defense line constructed during World War 2 that did little to slow down the modern warfare techniques used against the country.

"The IT security industry faces a similar predicament," wrote FireEye in the report. "Organizations spend more than $67 billion on IT security. Yet attackers routinely breach those defenses with clever, fast-moving attacks that bypass traditional tools."

Along with almost every network monitored being breached, FireEye said that 27 percent of organizations experienced some sort of event connected with an advanced persistent threat (APT). Further, enterprises' defenses were not able to block 1.6 exploits and 122 malware droppers on average per network.

The attackers are finding success against even the most hardened networks due to their ability to adapt and evolve. The security firm found that those targeting networks are finding success with multiple-stage attacks that may be carried out over a prolonged amount of time and the most successful breaches typically follow the same five-step process:

  • Outside reconnaissance is performed by targeting potential high-level individuals in an organization by typically employing customized personal phishing e-mails to gain access.
  • Initial compromise is then carried out using a wide variety of tactics including watering-hole attacks and phishing attacks.
  • Once inside the breached system, the attackers will then try to gain access domain administrative credentials through malware techniques and send the elevation of privilege outside the network.
  • Internal reconnaissance is then carried out. The goal is to freely move across the entire network to identify valuable data, while also leaving additional backdoors so that unauthorized access can occur again at a later date.
  • Finally, once the targeted data are found, the information is extracted and the trail usually covered up.

The major failure area FireEye found in network security is that due to the need for different security tools to protect different fronts, integration between tools is not as strong as should be and creates the cracks attackers use to gain access.

FireEye concluded that to combat evolving attack techniques and smarter attackers, organizations must also change just as often. "In light of this reality, organizations must consider a new approach to securing their IT assets. For many, that shift should include reducing waste on redundant, backward-looking technology and redeploying those resources on defenses designed to find and stop today's advanced attacks."

About the Author

Chris Paoli is the site producer for and


  • Basic Authentication Extended to 2H 2021 for Exchange Online Users

    Microsoft is now planning to disable Basic Authentication use with its Exchange Online service sometime in the "second half of 2021," according to a Friday announcement.

  • Microsoft Offers Endpoint Configuration Manager Advice for Keeping Remote Clients Patched

    Microsoft this week offered advice for organizations using Microsoft Endpoint Configuration Manager with remote Windows systems that need to get patched, and it also announced Update 2002.

  • Azure Edge Zones Hit Preview

    Azure Edge Zones, a new edge computing technology from Microsoft designed to enable new scenarios for developers and partners, emerged as a preview release this week.

  • Microsoft Shifts 2020 Events To Be Online Only

    Microsoft is shifting its big events this year to be online only, including Ignite 2020.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.