5 Common Ways to Get Duped into a Data Breach

The average cost of a data breach is expected to reach $5 million this year. In today’s interconnected world, the potential for far-reaching results has exploded, leaving companies with crippling consequences. Hackers know this and are capitalizing on our connectedness.

Attackers gain unauthorized access to a network through tactics largely proliferated through email. Once you understand the common attack vectors, you can better align your tools and resources to protect your organization. This includes implementing Security Awareness Training (SAT) and user protection strategies specifically designed to combat email-based threats.

Here are five common ways cybercriminals continue to catch us in their snares.

  1. Missent Emails

Last year’s Acronis report noted that phishing and malicious emails have increased by 60% year over year, with 76% occurring between July and October. Malicious hackers are out there, checking their inboxes for responses and the occasional windfall.

Sensitive data is transferred via email all the time. We try to be safe, but sometimes we shoot off a quick spreadsheet on our way to lunch, hoping the attachment will load in time, and just hit Send. To the wrong person. It happens. Unfortunately, with so many lurking threat actors out there, those mistakes can have serious consequences.

The VIPRE SafeSend data breach calculator lets you estimate the potential cost of a data leak caused by missent emails. For example, in an enterprise of 2,000 people, no fewer than 1,610 emails are sent to the wrong person every year. This amounts to 805 hours (about 1 month) of resulting review and the potential for a $108,000 average data breach.

  2. Ransomware

The 2023 Verizon Data Breach Investigations Report (DBIR) notes that 24% of all breaches involve ransomware. While this number appears to be no news at all – it is relatively similar to what we’ve seen in the past – others take a different view.

Chris Novak, managing director of cybersecurity consulting at Verizon Business and manager of the DBIR, postulates that this was a year in which ransomware operators “retooled” in order to gear up for next year’s onslaughts. Think about it: The landscape has changed, and defenders are upping their game (kudos to us). Technology has been improving, and so have efforts in remediation and efficiency. However, this has awakened the bear and now threat actors are “finding other ways to get their ransomware further into the environment and into more sensitive parts of the business in order to be able to better extract larger sums of ransom payments." And while ransom payments are a logical beginning, there are numerous pathways an attacker could exploit once inside.

  3. Social Engineering Attacks

The “human element” accounts for 74% of all data breaches this year, per the Verizon DBIR; this pertains not only to missent emails but to online errors writ large. For 2023, the report states that social engineering attacks were responsible for 17% of breaches and one in ten incidents overall.

Specifically, watch out for pretexting attacks, or instances in which one party lies to gain access. You’ll see this in the form of online impersonations. The DBIR states that rates for this type of campaign have doubled year over year.

Business Email Compromise (BEC) is another pernicious form of social engineering, and numbers continue to rise according to the report. While this form of compromise does not get the attention it deserves, the FBI 2022 Internet Crime Report confirmed that it outweighs ransomware in terms of damages by seventy-two times: Ransomware cost victims an average of $34 million, while BEC was responsible for a total sum of $2.7 trillion (about $8,300 per person in the US).

In short, BEC and pretexting attacks now account for over 50% of social engineering ploys, having doubled in the past year alone.

One way to get ahead of these types of incidents is to implement security awareness training. The more users know about what kind of social engineering ploys are out there, the more likely they are to recognize one when they see one.

  4. Phishing, Phishing, Phishing

Cases of stolen credentials rose from 41.6% to 44.7% of all breaches since last year, notes the 2023 DBIR. These usernames and passwords are commonly acquired through phishing, one of the oldest cyber tricks in the book. As familiar as we all are with it, it continues to fool us – at least a large percentage of the time.

While awareness training can help employees identify fraud, as I mentioned above, there is no substitute for good password habits. Much of the reason criminal hackers can get so far is that users still re-use passwords, giving up access to not one but many systems once a single set of credentials is phished. Upgrading tools and processes is good, but people still represent a wildcard element in cybersecurity.

  5. System Intrusion

Last year’s DBIR showed system intrusion to be the top incident category, and this year it continues to rank as a leading attack strategy. This year, the DBIR revealed that system intrusion, basic web application attacks, and social engineering accounted for the vast majority (77%) of breaches in the information industry alone. Most of these were financially motivated.

System intrusion is a more sophisticated attack strategy leveraged by seasoned threat actors. These tactics include malware installation via remote injection, desktop sharing software, and web applications.

Preventing Breaches with Tools and Training

While these tactics have successfully stood the test of time, there are equally seasoned ways to fight back.

As always, the first step is awareness. The SafeSend data breach calculator promotes behavioral change by causing employees to take a step back and re-evaluate the emails they send, inside and outside the network. Understanding the consequences of a careless missend lays the groundwork for further protective measures.

These measures include not only Security Awareness Training (SAT), but user protection tools to secure employees against making these mistakes in the first place. By confirming outgoing addresses and attachments in Microsoft Outlook, SafeSend software automatically prevents sensitive emails from being sent to the wrong person. It also scans outgoing emails and attachments to ensure that nothing sensitive leaves the network.

Just like ransomware operators might be taking a year to “retool”, we can also take stock and increase our email security defenses. These common breach tactics may claim their share of casualties, but implementing client-side protections can make sure we don’t give up any ground through preventable careless errors of our own.

About the Author: An ardent believer in personal data privacy and the technology behind it, Katrina Thompson is a freelance writer leaning into encryption, data privacy legislation and the intersection of information technology and human rights. She has written for Bora, Venafi, Tripwire and many other sites.

This content was first published by KISS PR Brand Story under the title “5 Common Ways to Get Duped into a Data Breach”.

Source: Story.KISSPR.com
Release ID: 683422