One significant finding published in our 1H 2022 FortiGuard Labs Threat Report is that ransomware is rampant. We’re seeing ransomware attacks becoming more sophisticated and aggressive, with attackers introducing new strains and updating, enhancing, and reusing old ones. What’s especially concerning as we look back at the first half of 2022 is that the number of new ransomware variants we identified increased by nearly 100% compared to the previous six-month period.
How does ransomware make its way into an organization in the first place? Ransomware can be delivered to an unsuspecting victim in many ways, yet according to research, phishing is the number one attack vector associated with ransomware. This is why it is critical for all employees to be cyber aware: cybersecurity training can be what separates an organization from a breach that is only one click away.
What is Phishing?
A phishing attack is a type of cybersecurity threat that often targets users directly through email, text message, or on social media. During one of these scams, the attacker poses as a trusted contact to steal sensitive data like login credentials, account numbers, and credit card information.
How are Phishing Attacks Carried Out?
Phishing attempts can be diverse, as attackers are continually becoming more sophisticated and creative with their techniques. Some well-known types of phishing attacks include spear phishing, clone phishing, vishing, whaling, snowshoeing, and business email compromise, to name a few.
There has also been a reported uptick in a newer technique, usually grouped with phishing, referred to as Multi-Factor Authentication (MFA) fatigue (also called MFA bombing or push bombing). Here the attacker already holds a valid username and password, typically stolen through phishing or taken from a credential dump, and runs a script that attempts to log in with them over and over, which sends an onslaught of MFA push requests to the user’s device. The intent is for the user to become overwhelmed or annoyed by the stream of notifications and tap “Approve,” whether by accident or simply to make them stop. That single approval completes the login, and the attacker now has an authenticated session without ever touching the user’s phone.
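Because the attack leaves a distinctive trail in identity-provider logs (a burst of push requests to one user in a short window, often followed by an approval), a security team can detect it before the training lesson is needed. The following added example, written for this article rather than taken from Fortinet or any IdP vendor, runs a sliding-window burst detector over a constructed sample log. The log format, the three-pushes-in-two-minutes threshold and the event names are assumptions; map them to your own provider's fields.

```python
"""Detect MFA push-fatigue bursts in identity-provider authentication logs."""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (not from any real IdP): timestamp, user, event, source IP.
# alice receives five pushes in 16 seconds and finally approves; bob is a normal
# login; carol denies two pushes that are five minutes apart.
SAMPLE_LOG = """\
2022-09-01T08:00:01Z alice push_sent 203.0.113.9
2022-09-01T08:00:02Z alice push_denied 203.0.113.9
2022-09-01T08:00:05Z alice push_sent 203.0.113.9
2022-09-01T08:00:06Z alice push_denied 203.0.113.9
2022-09-01T08:00:09Z alice push_sent 203.0.113.9
2022-09-01T08:00:10Z alice push_denied 203.0.113.9
2022-09-01T08:00:13Z alice push_sent 203.0.113.9
2022-09-01T08:00:14Z alice push_denied 203.0.113.9
2022-09-01T08:00:17Z alice push_sent 203.0.113.9
2022-09-01T08:00:25Z alice push_approved 203.0.113.9
2022-09-01T08:30:00Z bob push_sent 198.51.100.4
2022-09-01T08:30:03Z bob push_approved 198.51.100.4
2022-09-01T09:15:00Z carol push_sent 192.0.2.77
2022-09-01T09:15:02Z carol push_denied 192.0.2.77
2022-09-01T09:20:00Z carol push_sent 192.0.2.77
2022-09-01T09:20:02Z carol push_denied 192.0.2.77
"""

# Tuning assumptions: a legitimate user rarely triggers more than two pushes in
# two minutes, so three or more inside the window is treated as a burst.
PUSH_THRESHOLD = 3
WINDOW = timedelta(minutes=2)


def parse_line(line):
    """Split one log line into (datetime, user, event, source_ip)."""
    ts, user, event, ip = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), user, event, ip


def detect_push_fatigue(log_text, threshold=PUSH_THRESHOLD, window=WINDOW):
    """Return one alert per user whose pushes within `window` reach `threshold`.

    Severity is "high" when an approval lands within `window` of the last push
    of a burst (the fatigue attack worked), otherwise "medium" (burst only).
    """
    recent = defaultdict(deque)  # user -> timestamps of push_sent inside the window
    alerts = {}                  # user -> alert dict
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        ts, user, event, ip = parse_line(raw)
        pushes = recent[user]
        if event == "push_sent":
            pushes.append(ts)
            while pushes and ts - pushes[0] > window:   # slide the window forward
                pushes.popleft()
            if len(pushes) >= threshold:
                alert = alerts.setdefault(user, {"user": user, "source_ip": ip,
                                                 "first_push": pushes[0], "pushes": 0,
                                                 "severity": "medium"})
                alert["pushes"] = max(alert["pushes"], len(pushes))
        elif event == "push_approved" and user in alerts:
            # An approval right after a burst means the user gave in.
            if pushes and ts - pushes[-1] <= window:
                alerts[user]["severity"] = "high"
                alerts[user]["approved_at"] = ts
    return sorted(alerts.values(), key=lambda a: a["user"])


if __name__ == "__main__":
    for alert in detect_push_fatigue(SAMPLE_LOG):
        print(f"{alert['severity'].upper():6} {alert['user']}: {alert['pushes']} pushes "
              f"from {alert['source_ip']} starting {alert['first_push']:%H:%M:%S}")
```

On the sample, only alice is flagged, at high severity, because her approval arrives eight seconds after the fifth push; bob's single push and carol's two widely spaced denials stay below the threshold. A "high" alert is the one worth an immediate session revocation, since the attacker already has the password and has now obtained a session as well; number matching or a change to a phishing-resistant factor removes the attack class rather than just detecting it.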
What unites these techniques is a common goal: stealing identities or credentials, or delivering malware.
5 Actions Security Teams Can Take to Combat Phishing
When it comes to preventing cyberattacks like phishing, your security team and your organization’s employees both have important roles to play. From having the right technologies to implementing organization-wide cybersecurity training programs, there are many simple actions enterprises can take to improve their security posture and defend against potential compromises.
Here are five best practices we recommend every enterprise implement to guard against phishing:
Help Your Employees Spot Phishing Attempts
According to the Verizon Data Breach Investigations Report for 2022, 82% of breaches involved the human element. While having the right security technologies and processes in place is undoubtedly critical for protecting an organization, humans are often the weakest link in an enterprise’s cybersecurity ecosystem. Hence, educating employees on cybersecurity best practices is a must.
When implementing an ongoing, organization-wide education program, identify the key areas that present the biggest risks to the end user (and, by extension, your business). In the case of phishing, offer employees practical tips for identifying a potential phishing attempt. For example, encourage them to review emails closely before taking any action: verify that the sender’s actual address matches the display name, check the grammar and spelling, and look at where links really point and what attachments are really named before clicking or opening anything.
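The same checks an employee is asked to perform by eye (does the real sender address match the display name, does a link go where its text says, is the attachment what it claims to be) can also be automated as a triage aid for the team that handles reported messages. The following added example, written for this article and not Fortinet's code, parses a constructed sample message with the Python standard library and returns one finding per indicator it spots. The sample headers, domains and IP address are reserved documentation values and the list of risky extensions is an assumption.

```python
"""Flag common phishing indicators in a raw email message."""
import email
import ipaddress
import re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message (not from a real campaign); all domains and the IP
# address are reserved documentation values.
SAMPLE_EMAIL = """\
From: "IT Helpdesk <helpdesk@example.com>" <support@example-login.net>
Reply-To: recover@example-mail.org
Subject: Urgent: your password expires today
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Your password expires in 2 hours. Please <a href="http://203.0.113.9/reset">login here</a>.</p>
<p>Or visit <a href="http://example-login.net/sso">https://sso.example.com</a></p>
</body></html>
--b1
Content-Type: application/octet-stream; name="invoice.pdf.exe"
Content-Disposition: attachment; filename="invoice.pdf.exe"

TVqQAAMAAAAEAAAA
--b1--
"""

RISKY_EXTENSIONS = (".exe", ".scr", ".js", ".vbs", ".hta", ".iso", ".lnk")  # assumed list
ADDR_RE = re.compile(r"[\w.+-]+@[\w.-]+")
URL_LIKE_RE = re.compile(r"(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?", re.I)


class _AnchorCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""
    def __init__(self):
        super().__init__()
        self.anchors, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.anchors.append((self._href, "".join(self._text).strip()))
            self._href = None


def _domain(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def _host(url):
    return (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()


def _is_ip(host):
    try:
        return bool(ipaddress.ip_address(host))
    except ValueError:
        return False


def check_email(raw):
    """Return human-readable findings for the indicators the article lists."""
    msg = email.message_from_string(raw)
    findings = []
    name, sender = parseaddr(msg.get("From", ""))
    sender_dom = _domain(sender)
    shown = ADDR_RE.search(name)  # display name smuggling a different address
    if shown and _domain(shown.group()) != sender_dom:
        findings.append(f"display name shows {shown.group()} but sender is {sender}")
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and _domain(reply_to) != sender_dom:
        findings.append(f"Reply-To {reply_to} is outside sender domain {sender_dom}")
    for part in msg.walk():
        filename = part.get_filename()
        if filename:
            low = filename.lower()
            if low.endswith(RISKY_EXTENSIONS):
                findings.append(f"attachment {filename} has an executable extension")
            if low.count(".") > 1:
                findings.append(f"attachment {filename} uses a double extension")
        elif part.get_content_type() == "text/html":
            charset = part.get_content_charset() or "utf-8"
            collector = _AnchorCollector()
            collector.feed(part.get_payload(decode=True).decode(charset, "replace"))
            for href, text in collector.anchors:
                host = _host(href)
                if _is_ip(host):
                    findings.append(f"link points at a raw IP address {host}")
                if URL_LIKE_RE.fullmatch(text) and _host(text) != host:
                    findings.append(f"link text shows {_host(text)} but points to {host}")
    return findings
```

Calling `check_email(SAMPLE_EMAIL)` yields six findings: the display name carries a helpdesk@example.com address while the real sender is on example-login.net, the Reply-To goes to a third domain, one link targets a bare IP address, another shows sso.example.com but points at example-login.net, and the attachment both ends in .exe and uses a double extension. None of these alone proves a message is malicious (internal tools do send from odd domains and some vendors really do use Reply-To), so treat the output as a prioritisation signal for the analyst, not a verdict.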
By: Aamir Lakhani, Global Security Strategist and Researcher, and Rob Rashotte, Vice President, Global Training & Technical Field Enablement at Fortinet