Phishing & Ransomware: Attackers' Favorite Weapons
- 1 of
-
Phishing & Ransomware: Attackers' Favorite Weapons
Cyber-thieves have developed a taste for ransomware and phishing—favored weapons for accessing corporate information, employee data and other valuable content. -
Steady Flow of Attacks
75% of IT and security executives surveyed said their organizations have experienced at least one cyber-attack in the past year, while 24% have experienced six or more. -
Pessimism Reigns
68% of respondents said that phishing problems are either the same or getting worse, while 77% said that of ransomware issues. -
Gone Phishing
34% of respondents said their network was infiltrated by a phishing attack in the past year. -
Widespread Concern
68% are concerned about the potential for phishing through email, and 63% are concerned about ransomware. -
Execs Attacked
14% of respondents said an email phishing attack was successful in infecting one or more of their company's senior executives. -
Securing the Cloud
36% of respondents' 2017 IT security budgets will be devoted to cloud solutions, up from 29% a year earlier. -
Ineffective Solutions
53% of respondents said that the performance of their ransomware-blocking solutions has either remained static or gotten worse. -
Ransomware Training Lags
Only 27% of respondents characterized as "excellent" the training they receive on detecting and dealing with ransomware. -
Phishing Training a Bit Better
37% characterized as "excellent" the training they receive on detecting and dealing with phishing attacks. -
More Training Needed
51% of respondents said they receive security awareness training once a year or less often.
A review of recent headlines provides the latest reminder that organizations are under siege. Companies like ADP, LinkedIn and Yahoo—as well as federal agencies such the FBI and IRS—have reported substantial breaches this year, and the list is sure to get longer. One thing has changed, however: Today's attackers have developed a taste for ransomware and phishing, which have become favored weapons for accessing corporate information, employee data, intellectual property and other valuable content. Just how popular and effective ransomware and phishing have become is the subject of a recent report Osterman Research sponsored by several security vendors. Osterman surveyed 162 IT and IT security executives from companies that averaged 16,313 employees and 14,161 email users, and it found that phishing and ransomware are growing several hundred percent each quarter—a trend Osterman expects to continue for the next 18 to 24 months. But the situation is far from hopeless. "There are a variety of best practices that organizations should follow in order to minimize their potential for becoming victims," an Osterman researcher wrote in a recent blog post about the report. "Among these best practices are implementing security awareness training, deploying systems that can detect and eliminate phishing and ransomware attempts, searching for and remediating security vulnerabilities in corporate systems, maintaining good backups, and using good threat intelligence."