Skip to content

94% of Incidents Involve Obfuscated Infrastructure – Defense Efforts Remain Reactive

In a nutshell: Security teams are drowning in IP enrichment data but cannot proactively locate the attackers behind them because anonymization techniques are too widespread.

A survey shows that 94 percent of security incidents involve anonymized or obfuscated infrastructure. Despite growing volumes of IP data and threat intelligence sources, teams struggle to identify the attackers behind those addresses.

Security teams have access to unprecedented volumes of IP data: analysts daily import enrichment feeds, geolocation data, reputation scores, telemetry, and threat intelligence from a growing ecosystem of vendors and platforms. Yet the industry faces a fundamental challenge – filtering out the noise to determine who actually stands behind an IP address.

According to the survey, 94 percent of all reported security incidents are associated with anonymized or obfuscated infrastructure. This creates massive operational pressure for CISOs and their teams: attackers systematically use proxy services, VPNs, Tor networks, and other obfuscation tools to hide their origins and complicate attribution.

A key problem lies in the reactive posture of many organizations. Rather than proactively identifying and tracking attackers, teams spend their resources conducting forensic analysis of incidents that have already occurred. The mere availability of more data – feeds, reputation lists, telemetry – does not solve this fundamental problem as long as the capability to quickly correlate and leverage this information is lacking.

For CISOs, this means: investments in pure data sources are insufficient. What is necessary is better integration of threat intelligence systems, automated correlation, and effectiveness metrics to enable the transition from reactive to preventive and proactive defense.


Source: thehackernews.com · Published June 16, 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrase and classification through Lumi News Pipeline v1.7.1.

Share on: