Business Disruption Becoming Main Attack Objective For More Adversaries According to a report by US-based cybersecurity firm CrowdStrike, 36 per cent of all incidents it investigated in 2019 had business disruption as their main objective. These attacks were largely caused by ransomware, destructive malware or DoS attacks.

By Debroop Roy

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.


Over the last few decades, as more and more of the world has gone digital, there has been an obvious increase in the amount of cyber security threats as well. As is the case with most things connected to the internet, the chances of a system breach has kept getting higher as adversaries have found newer, better ways to carry out their nefarious tasks.

According to a report by US-based cybersecurity firm CrowdStrike, 36 per cent of all incidents it investigated in 2019 had business disruption as their main objective. These attacks were largely caused by ransomware, destructive malware or Denial of Service (DoS) attacks.

In 51 per cent of all intrusions, the report found that malware-free techniques were used. In 22 per cent of cases investigated, both malware-free and malware-based ones were used in concert.

Self-Identification and Dwell Time

An important finding of the report was that dwell time, which represents the period from when a compromise happens to the time it is detected, increased significantly in 2019. Last year, the average dwell time turned out to be 95 days, up from 85 a year earlier. This number had, in fact, come down slightly in 2018, from 86 days in 2017.

CrowdStrike also observed that several breaches were by those that gained initial access more than a year before discovery, and in a number of cases, more than three years.

"This demonstrates the need for better visibility and for implementing proactive threat hunting to uncover attacks early," the report stated.

It found that state-sponsored threat actors were applying countermeasures, allowing them to remain undetected for a long period of time, especially in environments protected by legacy security tech.

However, despite the dwell time increase, the report found that there has been a steady increase in the number of organizations that are now self-detecting a breach. From 68 per cent in 2017, the number had grown to 79 per cent last year.

What Organizations Must Be Careful About

The report found that attacks on third party service providers were on the rise as these could result in compromising their clients' data and scale the attack size. Attackers were also targeting cloud infrastructure providers to help them get access to more information rapidly, it stated.

Many organizations, despite having tools to safeguard themselves, have failed to leverage those. CrowdStrike observed that this failure not only leaves organizations vulnerable, it also gives them a false sense of security.

Attack Impacts

While business disruption came right on top when it comes to attack impacts, data theft followed right behind. It was observed in 25 per cent of all breaches the company investigated. Data theft includes the theft of intellectual property (IP), personally identifiable information (PII) and personal health information (PHI).

The report said: "IP theft has been linked to numerous nation-state adversaries that specialize in targeted intrusion attacks. PII and PHI data theft can enable both espionage and criminally motivated operations. Typically, this type of data may be used by a cyber espionage actor to build a dossier on a high-profile target, or a cybercriminal may sell or ransom the information."

Monetary loss occupied 10 per cent of the chart in terms of attack impacts. Attacks in this category this year include include crimeware, formjacking, cryptojacking among others.

Debroop Roy

Former Correspondent

Covering the start-up ecosystem in and around Bangalore. Formerly an energy reporter at Reuters. A film, cricket buff who also writes fiction on weekends.

Related Topics


If You Want People to Follow You, Stop Being a Boss — 8 Steps to Truly Effective Leadership

Understand the key differences and embark on the journey from boss to leader with these eight vital steps. This article unveils how to inspire and lead teams with passion and purpose.


Combating Deepfakes

While AI has made significant contributions to various industries, it also has a dark side which has surfaced in the form of deepfakes. According to experts, tackling the menace requires an approach and blockchain technology offers a formidable solution.

Business News

Photos Leak of McDonald's New Space Age Spinoff Restaurant 'CosMc's'

The mega fast food chain is experimenting with a galactic-themed restaurant, drawing inspiration from an alien character featured in its 1980s commercials.


The Semiconductor 'FOMO'

The current push to develop India into a semiconductor manufacturing hub through PLI and DLI schemes under the umbrella of India Semiconductor Mission (ISM) is a step in the right direction. However, the transition period for India to develop an end-to-end footprint in the semiconductor value chain will need a decade


4 Out of 5 Entrepreneurs Step Down as CEO — Here Are 3 Things You Need to Do So You're Not One of Them.

Navigating the journey from entrepreneur to CEO is a profound transformation, one that often separates visionary founders from effective business leaders.

Growing a Business

How to Build an Advisory Board That Drives Startup Success

Here's what startup founders must consider when crafting an advisory board.