September 30, 2019
Proofpoint, Inc., a cybersecurity and compliance company, announced its annual Human Factor report findings, which highlight the ways in which cybercriminals target people, rather than systems and infrastructure, to install malware, initiate fraudulent transactions, steal data, and more.
The report, based on an 18-month analysis of data collected across Proofpoint’s global customer base, spotlights attack trends to help organisations and users stay safe.
“Cybercriminals are aggressively targeting people because sending fraudulent emails, stealing credentials, and uploading malicious attachments to cloud applications is easier and far more profitable than creating an expensive, time-consuming exploit that has a high probability of failure,” said Kevin Epstein, Vice President of Threat Operations for Proofpoint. “More than 99 percent of cyberattacks rely on human interaction to work—making individual users the last line of defence. To significantly reduce risk, organisations need a holistic people-centric cybersecurity approach that includes effective security awareness training and layered defences that provide visibility into their most attacked users.”
The report findings include:
- More than 99 percent of threats observed required human interaction to execute – enabling a macro, opening a file, following a link, or opening a document – signifying the importance of social engineering to enable successful attacks.
- Microsoft lures remain a staple. Nearly one in four phishing emails sent in 2018 were associated with Microsoft products. 2019 saw a shift towards cloud storage, DocuSign, and Microsoft cloud service phishing in terms of effectiveness. The top phishing lures were focused on credential theft, creating feedback loops that potentially inform future attacks, lateral movement, internal phishing, and more.
- Threat actors are refining their tools and techniques in search of financial gain and information theft. While one-to-one attacks and one-to-many attacks were more common when impostor attacks first began to emerge, threat actors are finding success in attacks using more than five identities against more than five individuals in targeted organisations.
- The top malware families over the past 18 months have consistently included banking Trojans, information stealers, RATs, and other non-destructive strains designed to remain resident on infected devices and continuously steal data that can potentially provide future utility to threat actors.
Categories : Around the Industry