back to article Don't be surprised if your organization suffers multiple cyberattacks

Security experts spent years warning enterprises to expect cyberattacks and to plan their defenses accordingly, now Sophos researchers are saying organizations shouldn't be surprised if they get attacked multiple times. In a 23-page report [PDF] released this week in time for Black Hat, the researchers unwind the multiple …

  1. Anonymous Coward
    Anonymous Coward

    If you run Windows

    You deserve everything you get. Suck it up.

    1. Anonymous Coward
      Anonymous Coward

      Re: If you run Windows

      Windows is below MacOS, Debian, Android, Fedora, Ubuntu and the Linux Kernel in the list of distinct vulnerabilities

      1. Peter Gathercole Silver badge

        Re: If you run Windows @AC

        It's interesting that they break different versions of Windows out as distinctly different categories, whereas, say, Debian, they list all CVEs under a single category logged back to 1997.

        But working with this, and very roughly speaking based on publication date, Debian has 6677 CVE vulnerabilities going back to 1997, averaging 267 a year, and Windows 10 has 2839 going back to 2015, averaging 406 a year. Not so clear cut, is it. And that does not differentiate between Debian used as a desktop, and Debian used as a server, whereas Windows 10 and Windows Server 2016 are counted as different products.

        I know that many of the Windows vulnerabilities will overlap between the different Windows versions (as the different Linux distros do as well), but I wonder what the comparison would look like if they aggregated all of the different Windows versions, and eliminated the duplicates.

        This is another case of lies, damn lies, and statistics.

  2. Version 1.0 Silver badge

    I'm concerned but not super worried.

    I see attack attempts almost every hour of so, 365 days a year so I'm reasonably confident that my corporate defenses are functional, I am only concerned when we have days when the attack efforts are virtually never seen - if the mail server doesn't report any virus deliveries then I check everything to make sure that we haven't been eaten. We've been OK for about 20 years now but we started seeing daily phishing and virus deliveries after our first sales to China - I'm not accusing China, I just think that our customers there were all hacked easily in the early days.

    Malware deliveries are normal everyday now aren't they?

  3. DS999 Silver badge

    So it is just like any other scam

    Where if they successfully scam you once they either try to scam you again, or sell your name as part of a 'sucker list' to others using different scams.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like