News
- Report
Research report released on the time period from the occurrence of a cyber attack to its discovery and disclosure - Cyber attacks that lead to the leak of personal information take an average of more than a year from occurrence to discovery -
Cyber Security Cloud, Inc. (Headquarters: Shibuya-ku, Tokyo; President and CEO: Akira Ohno; hereinafter referred to as "Cyber Security Cloud") is pleased to announce a research report on the period from the occurrence of cyber attacks to their detection and disclosure, based on major personal information leak cases involving unauthorized access at corporations and organizations, totaling over 1,000 cases, announced between January 1, 2019 and July 31, 2020.
■ Average number of days from the occurrence of an attack to its discovery and disclosure

■ The time it took from the attack occurrence to its discovery, and from its discovery to its disclosure

A survey of personal information leaks during the survey period revealed that it took an average of 383 days from the time of the attack until it was discovered, meaning that corporations and organizations were unaware of cyberattacks that led to the leak of personal information for over a year. Furthermore, it was found that it took an average of 69 days from the time of cyberattack discovery until it was made public, totaling an average of 452 days from the time of the incident until it was made public.
Furthermore, when comparing the number of days it took from the attack to its discovery, the most common case was discovered within 30 days of the attack, accounting for 24 cases (41%), followed by more than a year (14 cases, 17%), and more than 180 days but within a year (9 cases, 11%).The cases that took more than 90 days to be discovered together accounted for more than 50% of the total.Furthermore, of the cases that took more than a year, 9 cases took more than 3 years, and in some cases it took nearly 10 years.
Furthermore, when comparing the time between the discovery of an attack and its disclosure, while around 50% of cases were disclosed within 30 days of the discovery of the damage, more than 30% took more than 90 days. In some cases, it took more than a year to disclose the information. In cases like this, where it takes too long to disclose the information, not only do the affected corporations and organizations bear responsibility for the leak of personal information, but it can also lead to further loss of trust.
■Comment from Cyber Security Cloud Director and CTO Yoji Watanabe
One of the reasons why it takes so long for a cyber attack to be discovered is that there is a long latency period between the attack and the information leak, and the leak is reported after the fact, and an investigation reveals that the attack has been ongoing for a long period of time. Furthermore, it takes an average of more than two months from discovery to disclosure, and in such cases, it is thought that not only is disclosure delayed, but detailed investigations of the damage take time.
Furthermore, looking back at the Attack Detection Report for the first half of fiscal year 2020 conducted in July, it was found that cyber attacks increased by nearly 20% during the period when the state of emergency was declared due to the impact of COVID-19, compared to before the declaration. This is thought to be due to factors such as an increase in the number of web service users and a concentration of attacks during periods when offices were less staffed due to companies introducing teleworking and long holidays. Attacks are more likely to increase during times like these when offices are less staffed, and since it takes time for attacks to be discovered once they occur, even greater caution and countermeasures are important.
Furthermore, based on the results of this survey, it is likely that in these circumstances, many attacks are not discovered or made public, and there is a possibility that the number of cases that are discovered and made public will increase significantly in the future. In order to prevent such situations from occurring, it is necessary to take measures such as reviewing your own company's cybersecurity.
<Survey Overview>
-Survey period: January 1, 2019 to July 31, 2020
- Survey subjects: Major personal information leakage cases (81 cases) involving unauthorized access at corporations and organizations with damages of over 1,000 that were announced by the above period
-Research method: Cybersecurity Cloud
About Cyber Security Cloud, Inc.
Company name: Cyber Security Cloud, Inc.
Address: VORT Ebisu Maxim 3rd Floor, 3-9-19 Higashi, Shibuya-ku, Tokyo 150-0011
Representative: President and CEO Akira Ohno
Established: August 2010
URL: https://www.cscloud.co.jp/
With the mission of "creating a safe and secure cyberspace for people all over the world," Cyber Security Cloud provides web application security services worldwide on a subscription basis, leveraging the world's leading cyber threat intelligence and AI technology. Furthermore, AWS, which holds a 47.8% share of the global cloud market, has certified Cyber Security Cloud as the seventh AWS WAF Managed Rules Seller in the world.
As a leading company, we will continue to develop services that create a safe and secure cyberspace for people around the world, and contribute to the promotion of the information revolution.
*Source: Gartner (July 2019) Worldwide IaaS Public Cloud Services Market Share, 2017-2018
(Millions of US Dollars)