77 per cent of companies can't respond effectively to cyber attacks

NTT Com Security today released its annual Global Threat Intelligence Report (GTIR), which examines the threat landscape by analysing the attacks, threats and trends from the previous year.

This year's report is the most comprehensive to date, featuring key findings from partners including Lockheed Martin and the Center for Internet Security and pulling information from 24 security operations centres, seven R&D centres, 3.5 trillion logs, 6.2 billion attacks and nearly 8,000 security clients across six continents.

The report finds that, on average, only 23 per cent of organisations are capable of responding effectively to a cyber incident, with 77 per cent having no capacity to respond at all.

In terms of the types of attacks, spear phishing accounted for 17 per cent of incident response activities, with the attacks targeting executives and finance personnel in many cases. The volume of Distributed Denial of Service (DDoS) attacks fell by 39 per cent compared to 2014 and all of the top 10 vulnerabilities targeted by exploit kits during 2015 were related to Adobe Flash. Furthermore, the number of publicised Flash vulnerabilities jumped by a massive 312 per cent from 2014.

There is also bad news for the retail sector, which experienced the most attacks per client in 2015 - despite the finance sector being hit by the highest volume of attacks overall. The hospitality, leisure and entertainment sector came in second, followed by insurance, government and manufacturing.

Rather worryingly, for vulnerabilities with a Common Vulnerability Scoring System (CVSS) score of 4.0 or higher, nearly 21 per cent detected in client networks were more than three years old, with some dating as far back as 1999.

The full report can be found here.

Image source: Shutterstock/lolloj