Ransomware and Phishing Dangers On the Rise

Ella Shenhav
Shutts & Bowen LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Internet users have (mostly) learned to avoid scams by supposed Nigerian princes looking to share a vast inheritance, and there has been a rise in awareness of other common signs of phishing attempts, such as poor spelling and grammar and suspicious email addresses. But as internet users become savvier about identifying cyber threats, cyber-criminals continue to finesse their attacks. Phishing emails today can look almost identical to legitimate business-related emails, and are often successful at evading even the most sophisticated spam filters.

According to a new report by the cybersecurity company Acronis, nearly half of all cyber breaches during the first half of 2022 involved stolen credentials, and the cyber-criminals’ main tool has been phishing. One out of 100, or 1%, of the received emails in the sample studied by Acronis were malicious, and they observed 600 malicious email campaigns, of which 81% were phishing campaigns, with an average of 10 attacked organizations per campaign. Of all of the malicious emails reviewed by Acronis, 58% were phishing, 28% were malware, 7% were advanced attacks, and 7% were other malicious emails. And with companies relying more on more on cloud-based networks, cyber-criminals continue to devise methods to breach these networks through unpatched or software vulnerabilities to extract data.

Ransomware, observed the report, is still the top cyberthreat for businesses. Although the number of ransomware incidents has increased by only 1% between Q1 and Q2 of 2022, ransomware is getting worse – worse, in fact, than they had previously predicted. Although there are few ransomware gangs left thanks to law enforcement efforts, the ones that are operating continue to inflict significant damage, and global ransomware damages are estimated to exceed $30 billion by 2023.

“Increasing complexity in IT continues to lead to breaches and compromises highlighting the need for more holistic approaches to cyber-protection. […] The current cybersecurity threat landscape requires a multi-layered solution that combines anti-malware, EDR [endpoint detection and response], DLP [data loss prevention], email security, vulnerability assessment, patch management, RMM [remote monitoring and management], and backup capabilities all in one place,” the report stated.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Shutts & Bowen LLP | Attorney Advertising

Written by:

Shutts & Bowen LLP
Shutts & Bowen LLP
Contact
more
less

Shutts & Bowen LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide