41% increase in internally sourced cyber threats/data leaks in 2019
Businesses need to put more stress on prevention against threats that originate from the inside. Its all too easy for an employee or even a manager to click on a link from a familiar brand or open an inconspicuous attachment. This can be devastating.
Mimecast’s “The state of security 2019” report shows 41% of organisations have seen increases in internally sourced threats/data leaks in comparison to last year. The report from the Mimecast Threat Centre provides technical analysis of threats that emerged from April to June 2019, along with assessment of potential future attack trends.
Here are some other alarming figures from the report.
- 71% of organisations reported seeing attacks where malicious activity was spread from one computer to another, which was up on the previous year.
- 86% of respondents reported that their organisation had experienced threats/data leaks by careless employees.
- During April-June 2019, more than two million opportunistic attacks were blocked by Mimecast.
Sadly, email remains the most commonly used medium for cyber-attacks. With an increase in user awareness, threat actors (cyber criminals) are developing new techniques to fool victims. These techniques include using attachments with a variety of older, more obscure file extensions (like .ace) to distribute malware.
Threat actors are also using new tactics intended to overcome detection technology and other security controls. Here are some emerging attacks to watch out for:
Threat Actor Reconnaissance
In this type of cyber-attack, a threat actor will try to gain as much information as possible. This is often via email phishing. They will then launch a more serious type of attack.
Malicious VBScript files are hidden within a series of deceptive layers. These layers are used to prevent them from being detected. One example of this is hiding the file within a .tar attachment. A .tar file type can hold many files and directories within a single file.
Whilst more sophisticated techniques are being adopted, simple impersonation email attacks are still on the rise, with threat actors looking for a fast and easy financial gain. Whichever approach they use, businesses need to gain the upper hand and adopt a more next generation approach to cyber security. You can achieve this by using IT specialists who proactively track cyber threat trends to ensure your business is ready when new threats arise. A good IT support provider will also provide critical training on identifying these email scams.
If you think your organisations security strategies are lacking, then give our team of experts a call on 01933 426162.