Feeling lucky? Just 16% of organizations have reported no security incidents related to phishing or ransomware in the last year. Luck is not a security strategy, and it’s why the vast majority of companies are under attack. Too often, they’re not prepared with the proper security stack to block and stop these attacks. The result? Employees, data, and companies are at risk.
Every day, we see how attackers evolve their strategies to get past defenses. They’ve become quite good at getting to the inbox. One group, we’ve tracked even claims 10,000% access to the inbox. Once there, it takes one click by an employee to give the attacker wide access to files and data.
It has led to a ransomware crisis. The FBI compared it to a looming 9/11. Ransomware has become a dinner discussion. Not a day goes by, seemingly, without news of companies large and small, across all industries, being hit. You’ve no doubt noticed an uptick in headlines screaming about the dangers of losing your data to shadowy groups.
It’s indeed a huge problem. And it’s something you’ll continue to see in the news. Why? More than 95% of these attacks are being executed through standard phishing attacks. That means the first and most important line of defense against these attacks is securing your email and all other places where your company communicates and does business. And if your email isn’t protected, these attacks will happen.
How does this still happen? It’s all down to the security companies use. Here’s a short history lesson: Up until 2015, the only way to secure your email was through something called a Secure Email Gateway. These were the solution when email was on-prem, in a data center. But then email moved to the cloud, and gateways couldn’t effectively move with them. Detection was based on static algorithms, and gateways still can’t detect cloud-specific and customer-specific attacks. And yet, tons of companies still use these tools. According to our research, as many as 18 times more attacks get through to end-users when using those services. It’s no wonder, then, that these major attacks continue to propagate. It’s easy to get to the end-user. Once there, it takes just one click to make a difference.
And it’s not just email. As companies use more and more collaboration tools, like Slack and Microsoft Teams, and file-sharing tools like Dropbox and Box, there are more options than ever for hackers to strike at. Consider the story of an attack on a financial firm that almost brought to its knees. A compromised Microsoft Teams account at a partner organization fooled users at the global financial firm into sharing insider info. After exfiltrating data, the attacker shared a Remote Access Trojan within the group. That Trojan was designed to bypass Teams protections. Based on our analysis, an account in the partner organization was compromised for almost a year, as the hacker listened in on an inter-organizational Teams chat. How many attackers, then, have been sitting in your environment for one year?
Hackers have more opportunities than ever before, taking advantage of our incredibly connected world to send malware, phishing, and ransomware to companies of all sizes, cashing in with record paydays. This ransomware crisis is not just a blip on the radar, not a just a moment in time. Without significant, structural changes, it is here to stay.
We’ve watched as companies continue to apply 20th-century solutions to 21st-century problems. Companies have to bolster their protections to meet the increase in attacks. Failure to do so won’t only harm your company. It could harm an entire industry and country. How are you going to respond?