Log4J/Log4Shell is still being actively exploited.

Edward Gately, Senior News Editor

July 1, 2022

7 Slides

Unpatched systems – not employee error – prompted the most costly cyberattacks during the first quarter of 2022.

That’s according to a new Q1 2022 report by Tetra Defense, an Arctic Wolf company. Each quarter, Arctic Wolf‘s Tetra Defense collects and analyzes data and insights from its incident response engagements in the United States.

Scott Holewinski is Arctic Wolf‘s senior vice president and general manager of incident response.

Holewinski-Scott_Arctic-Wolf.jpg

Arctic Wolf’s Scott Holewinski

“User action is often touted in the media as a top point of compromise, with the fear-mongering attached,” he said. “Reports that someone from HR clicked on a link and single-handedly invited a ransomware attack into their organization are a cautionary tale used by many vendors and employers alike to articulate the consequences of a simple user action.”

User action can be a piece of a threat actor’s strategy, Holewinski said. However, it’s not the easiest way in, nor is it the most popular.

Encouraging Findings

Holewinski said there are a lot of encouraging findings in this report.

“The most significant is that 82% of major cyber incidents are preventable by making sure your organization does not have any vulnerabilities on the perimeter of the network and do not allow external remote desktop protocol (RDP) access directly to workstations or servers,” he said. “If you combine that with using multifactor authentication (MFA), user awareness training, and some level of managed detection and response, your organization will no longer be low-hanging fruit for a major cyber incident. A lot of these are economical to implement. Other than the people time, patching vulnerabilities is usually free.”

Scroll through our slideshow above for more from Tetra Defense’s report on the cost of unpatched systems and more.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.

Read more about:

MSPsVARs/SIs

About the Author(s)

Edward Gately

Senior News Editor, Channel Futures

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like