Phishing Attacks Targeting Fewer—Here’s Why It’s Not Good News
Ransomware attacks are often preceded by phishing attacks, usually designed to capture log-in info.
- August 10, 2021 | Author: Todd Hyten
With ransomware claiming so much headline space (and head space), it’s easy to forget the role that phishing attacks play. Think of these attacks as the “gateway drug” leading to malware/ransomware.
Ransomware attacks are often preceded by phishing attacks, usually designed to capture log-in info. After gaining access, the malware payload is then delivered to the targeted company and infrastructure. There is some evidence that phishing attacks are changing—and certainly not for the better.
The non-profit Identify Theft Resource Center (ITRC) recently released its First Half 2021 Data Breach Analysis. Here is some of the key data:
Publicly reported compromises rose by an alarming 38 percent in Q2 over Q1, affecting 52.8 million people.
Phishing and ransomware remain, respectively, the number-one and number-two causes for data compromise.
Despite the rise in incidents, the number of people affected is dropping.
If trends continue, the number of people affected will be lower than last year.
Why the seemingly contradictory trends in incidents and people affected? ITRC’s chief operating officer James E. Lee was quoted in this post on the Security Boulevard website saying: “Simply put, cybercriminals don’t need to steal as much information as they have historically to commit phishing and ransomware attacks.”
That’s because they are becoming better at targeting individuals for data compromise. Lee goes on to recommend key steps to counter these threats:
Make sure patches are completed as fast as possible.
Ensure you have comprehensive backups.
Train teams in how to spot phishing attempts.
Comprehensive backups mean all data for backup, no matter the location, physical or virtual environment—or cloud-based apps. For MSPs or VARs, this new wrinkle in phishing attacks only underscores the importance of complete data backup and recovery solutions. And although the ITRC report doesn’t explicitly say so, if cyberthieves are targeting more selectively, that may mean they are moving upward into the C-suite or senior managers and senior operational title.
It’s another reason solution providers need to stay on message about how data backup is key to overcoming today’s threats—no matter who is targeted.