Tetra Defense: Unpatched Systems Behind Costliest Cyberattacks in Q1

Unpatched systems – not employee error – prompted the most costly cyberattacks during the first quarter of 2022.

That’s according to a new Q1 2022 report by Tetra Defense, an Arctic Wolf company. Each quarter, Arctic Wolf‘s Tetra Defense collects and analyzes data and insights from its incident response engagements in the United States.

Scott Holewinski is Arctic Wolf‘s senior vice president and general manager of incident response.

Arctic Wolf’s Scott Holewinski

“User action is often touted in the media as a top point of compromise, with the fear-mongering attached,” he said. “Reports that someone from HR clicked on a link and single-handedly invited a ransomware attack into their organization are a cautionary tale used by many vendors and employers alike to articulate the consequences of a simple user action.”

User action can be a piece of a threat actor’s strategy, Holewinski said. However, it’s not the easiest way in, nor is it the most popular.

Encouraging Findings

Holewinski said there are a lot of encouraging findings in this report.

“The most significant is that 82% of major cyber incidents are preventable by making sure your organization does not have any vulnerabilities on the perimeter of the network and do not allow external remote desktop protocol (RDP) access directly to workstations or servers,” he said. “If you combine that with using multifactor authentication (MFA), user awareness training, and some level of managed detection and response, your organization will no longer be low-hanging fruit for a major cyber incident. A lot of these are economical to implement. Other than the people time, patching vulnerabilities is usually free.”

Scroll through our slideshow above for more from Tetra Defense’s report on the cost of unpatched systems and more.