The latest annual Microsoft Security Intelligence Report (SIR) has just been issued and indicates that phishing attacks are now by far the most frequent cyber threat. Since their last report, phishing attacks have increased 250%.
Microsoft’s security team are in a great position to analyse trends in cyber security threats. Their figures are based on their internal scans of O365 email addresses and their latest report is based on over 470 billion messages. The results show that not only are the phishing attacks more often, but in a short space of time have become significantly sophisticated.
Technology is getting better at detecting phishing attacks, with machine learning improvements automatically blocking phishing emails. However, unfortunately, phishing continues to be a threat due to the human nature of it. Cyber criminals focus on human fear, panic, brand trust, or ignorance. They continue to use this method of attack due to the success they have with it.
The Rise of Phishing Attacks
The report shows that not only are phishing attacks increasing, but they are becoming the criminals’ preferred attack method. Attackers are often able to convincingly impersonate users and domains. They bait victims with fake cloud storage links, engage in social engineering and create attachments that look similar to those commonly used in the organisation.
As we reported last week on Ransomware-as-a-service, cyber hacking services are now available to any aspiring cyber criminal in an ‘out-of-the-box’ format. Phishing attacks are also now available in kit form. These Phishing Kits clone popular websites and operate from temporary servers. They can be purchased from the Dark Web at reasonable prices.
On analysing the SIR, KnowBe4 note that simple diligence can defeat just about all the phishing attacks listed.
Most phishing messages succeed through social engineering tactics, leveraging blind trust, impulsiveness and lack of awareness. Proper organisation-wide security awareness training that focuses on recognising common phishing attacks and request response policies can drive down the phish-prone percentage of users dramatically.
Vendor Supply Chain
Both Microsoft and KnowBe4 also highlight that while companies must train their staff and internal users, they must also ensure that their vendors are doing the same. Supply chain attacks are another new area of focus for cyber criminals. These attacks tend to deliver malware that installs crypto-currency coin miners. Therefore, any outside vendor with access to your systems is a potential point of compromise.
The best defence is a layered approach to security that involves employee training & collaboration with digital supply chain partners.