The Verizon 2016 Data Breach Investigations Report (follow the link to a page from which you can download it) is out. This year, it is based on a dataset of 64,199 incidents that resulted in 2,260 confirmed breaches. It covers more than 20 industries in 82 countries.
The report points out that phishing as an attack vehicle has continued its upward trend from previous years. Email is still the favored medium, and the report notes that, compared to last year, the percentage of victims who opened suspicious emails has increased (it’s now up to 30%), while the percentage of those who clicked on the attachment or link once the email was opened has declined (it’s now down to 12%). This suggests to me that criminals are getting better at making their emails look legitimate, while victims are getting better at recognizing the criminals’ ploys.
It’s fascinating to learn who is behind the phishing campaigns: “The main perpetrators for these types of attacks are organized crime syndicates (89%) and state-affiliated Actors (9%).” That covers 98%, which is kind of scary. It means that phishing is not dominated by Nigerian princes and kids in basements. It is now the province of substantial organizations with significant resources, hiring specialists and pursuing sophisticated strategies.
In other words, the defenses of ordinary email users can easily be outclassed by the resources criminals can bring to bear on deceiving them. In fact, we found this to be the case when we launched our CyberSAFE Readiness Test, a 15-question test designed to determine how well employees recognize and avoid cyber threats. When we rolled out the test, fewer than 10% of participants passed. (For more information about the CyberSAFE Readiness Test and to receive access to the test at no charge, please contact us at +1.800.889.8350.)
Our experience suggests the average employee has only a one in ten chance of protecting your company from the criminal organizations and nation-states that are trying to compromise you through phishing.
You need to make sure every employee in your organization is aware of how cyber attacks can occur and what’s at risk in the event of a breach. Consider a program like CyberSAFE, the Logical Operations class that enables employees of any organization to identify many of the common risks associated with using conventional end-user technology, and to protect themselves and their organizations from those security risks.
You can have a skilled CyberSec First Responder (CFR) team, but unless all your employees know how to recognize threats, your CFR team will be stretched too thin to deal with all the attacks. Your best hope for protecting your organization’s information assets is to both field a CFR team and train all the organization’s employees to recognize and avoid threats.
Read the Verizon report, then do an assessment of your organization. Are you ready to respond to the increasingly proficient attacks that are occurring? If not, designate, train, and support a CFR team. Are all your employees capable of resisting the innovative phishing attempts that are beginning to plague businesses worldwide? If not, train them to recognize threats.