Cybercriminals are using some rather old tricks to target human weakness as they look to reap higher rewards from a wide range of attacks, according to a new report.
The latest Verizon Data Breach Investigations Report discovered a major rise in phishing attacks over the past year, as criminals
It found that 30 percent of phishing messages were opened – up from 23 percent in the previous year – and 13 percent of these resulted in malware or some other nefarious backdoor being installed.
The report also highlighted the increasingly quick speed in which cybercrime is committed. In 93 percent of cases, it took attackers minutes or less to compromise systems and data exfiltration occurred within minutes in 28 percent of the cases.
The team found that three-pronged attacks were becoming the norm for many criminals as they looked to target major organisations. First off, a phishing email with a link pointing to the malicious website or mainly a malicious attachment is sent to a company web address.
When downloaded, this or additional malware can be used to look for secrets and internal information to steal (cyberespionage) or encrypt files for ransom, often through keylogging.
These credentials are then often used to facilitate further attacks, such as to logging in to third party websites like banking or retail sites.
However those higher up in big companies can also often be held to blame, as the report found that so-called ‘miscellaneous errors,’ was the leading cause of security incidents in 2015.
This included 26 percent of all recorded errors involving sending sensitive info to the wrong person, with other errors in this category including the improper disposal of company information, misconfiguration of IT systems, and lost and stolen assets such as laptops and smartphones.
The company is now calling for organisations to implement as many security precautions as possible, as it found a worryingly large number do not offer protection methods such as two-factor authentication and data encryption.
“This year’s report once again demonstrates that there is no such thing as an impenetrable system, but often times even a basic defence will deter cybercriminals who will move on to look for an easier target,” said Sartin.
How much do you know about the world’s most notorious hackers? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…