Cybercriminals are using some rather old tricks to target human weakness as they look to reap higher rewards from a wide range of attacks, according to a new report.
The latest Verizon Data Breach Investigations Report discovered a major rise in phishing attacks over the past year, as criminals
It found that 30 percent of phishing messages were opened – up from 23 percent in the previous year – and 13 percent of these resulted in malware or some other nefarious backdoor being installed.
The report also highlighted the increasingly quick speed in which cybercrime is committed. In 93 percent of cases, it took attackers minutes or less to compromise systems and data exfiltration occurred within minutes in 28 percent of the cases.
The team found that three-pronged attacks were becoming the norm for many criminals as they looked to target major organisations. First off, a phishing email with a link pointing to the malicious website or mainly a malicious attachment is sent to a company web address.
When downloaded, this or additional malware can be used to look for secrets and internal information to steal (cyberespionage) or encrypt files for ransom, often through keylogging.
These credentials are then often used to facilitate further attacks, such as to logging in to third party websites like banking or retail sites.
However those higher up in big companies can also often be held to blame, as the report found that so-called ‘miscellaneous errors,’ was the leading cause of security incidents in 2015.
This included 26 percent of all recorded errors involving sending sensitive info to the wrong person, with other errors in this category including the improper disposal of company information, misconfiguration of IT systems, and lost and stolen assets such as laptops and smartphones.
The company is now calling for organisations to implement as many security precautions as possible, as it found a worryingly large number do not offer protection methods such as two-factor authentication and data encryption.
“This year’s report once again demonstrates that there is no such thing as an impenetrable system, but often times even a basic defence will deter cybercriminals who will move on to look for an easier target,” said Sartin.
How much do you know about the world’s most notorious hackers? Try our quiz!
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…