Phishing in 2021

by Mark Rowe

Phishing attacks in 2021 had a much wider impact than in 2020, according to cybersecurity firm Proofpoint, Inc's eighth annual State of the Phish report. Most (83pc) of survey respondents said their organisation experienced at least one successful email-based phishing attack, up from 57pc in 2020. In line with this, more than two-thirds (68pc) of organisations said they dealt with at least one ransomware infection stemming from a direct email payload, second-stage malware delivery, or other exploit. The year-over-year increase remains steady but is representative of the challenges organisations faced as ransomware attacks surged in 2021, the cyber firm says.

Alan Lefort, SVP and GM of Security Awareness Training for Proofpoint, said: “Where 2020 taught us about the need to be agile and responsive in the face of change, 2021 taught us about the need to better protect ourselves. As email remains the favoured attack method for cyber criminals, there is clear value in building a culture of security. In this evolving threat landscape and as work-from-anywhere becomes commonplace, it is critical that organisations empower their people and support their efforts to learn and apply new cyber skills, both at work and at home.”

Adenike Cosgrove, Cybersecurity Strategist, International at Proofpoint, said: “Further, security professionals in the UK are the most likely to report that their organisations face high volumes of non-email-based social engineering attacks. This compounds the fact that the UK is facing threats from all angles; however, the key to battling these threats starts with employees. All of these attacks require human interaction to be successful, emphasising the need for increased employee security awareness and training. Compared to global counterparts, UK workers had the highest awareness of the term ‘phishing’, which is promising, but at only 62pc we still have a way to go to ensure businesses remain secure.”

A majority (60pc) of those infected with ransomware paid a ransom. About one in three (32pc) paid additional ransom sums to regain access to data and systems. A majority (54pc) regained access to data/systems after the first payment, while 4pc never got access to data/systems, even after paying. One in ten refused to pay additional ransom demand(s) and walked away without data.

Many workers exhibit risky behaviours and fail to follow cybersecurity best practices, the cyber firm warns: 42pc said they took a dangerous action (clicked a malicious link, downloaded malware, or exposed their personal data or login credentials) in 2021. A majority (56pc) of people who have access to an employer-issued device (laptop, smartphone, tablet) allowed friends and family to use those devices to do things like play games, stream media, and shop online.

Most (77pc) UK organisations punish employees who interact with real or simulated phishing attacks. The UK was also the most likely of all countries to incorporate more “severe” punishments, with 42pc inflicting monetary penalties (versus the 26pc global average) and 29pc terminating employees based on their interactions with real and simulated attacks (versus the 18pc global average).

To download the State of the Phish 2022 report, and to see global and regional comparisons, visit: https://www.proofpoint.com/uk/resources/threat-reports/state-of-phish.

Comments

Rick Jones, CEO and Co-Founder, DigitalXRAID, said that the report highlights how prominent phishing attacks continue to be and the increasing danger they pose now that they have become so intertwined with ransomware. “With 84pc of UK organisations being faced with at least one email-based ransomware attack in 2021, workforce cybersecurity training and awareness has never been more important. Businesses should make use of phishing simulation platforms, consulting on best practice with a specialist security services partner, to test employees against the latest scams and feed back on how they’re performing. These short exercises should be run frequently to reinforce good cyber hygiene and get security front-of-mind for all.

“Critically, the report also found that 60pc of world organisations paid a ransom to their attackers. If we are ever to overcome the threat of ransomware, paying up must stop and enterprises must deploy a number of proactive threat detection processes. This includes 24/7 network monitoring and a Security Operations Centre (SOC) that can identify and react to an attack before data is compromised. Given that we are still faced with a critical cyber skills gap, outsourcing to the experts is the best option here. If a bad actor does manage to penetrate a network through a phishing attack, a lack of skills and capability for detection in house means an organisation will be unable to proactively protect its network and this is when paying ransom becomes more appealing.”

And Shane Curran, CEO and founder of Evervault described ransomware as one of the most serious threats to organisations. “Businesses must ensure data, whether it’s card details, passwords or health information, is encrypted to prevent them from becoming an easy target for cybercriminals. If implemented correctly, strong encryption is a business asset and a tool in the arsenal of successful companies. Widespread use of strong encryption would eliminate the continued temptation for businesses to pay ransoms, a dangerous trend that fuels the growth of cybercriminal operations worldwide.”


© 2024 Professional Security Magazine. All rights reserved.
