Solutions + Managed IT Data Security Data Center Backup & Recovery Virtualization Digital |
Company +Learn more about the iON philosophy and why businesses choose us for IT Support. |
Tech Talk +News on today's gadgets and gizmos, business technology, the latest iON events, and more. |
Contact |
Tech Talk for the reader of all things technology. |
Two weeks after the first infections of WannaCry, the Ransomware that took the world by storm, we can finally take a deep breath and try to analyze the damage this campaign has done. One element worth noting is that while it may have disrupted lots of businesses, WannaCry failed to generate equivalent income for its creators. The bitcoin wallets created to collect ransoms contains a bit more than $100,000, an amount that pales in comparison with other, less famous ransomware campaigns of the past. This is the result of a variety of mistakes in the malware, like for example the famous kill-switch, an easy to control check that effectively shut down the malware. Unfortunately, the ransomware, even if it was not successful in terms of monetization, still impacted a large number of companies and individuals that were not ready for something of these proportions. In addition, WannaCry has breathed new life into the world of ransomware, attracting more people than ever to this kind of illegal activity. In fact, we have seen a number of new Ransomware variants emerge in the last week. While some of them were copycats, others were enhanced versions of WannaCry, using not just one, but in some cases up to 7 different NSA exploits. Now more than ever, its vital for you to always keep a backup of your work and be up-to-date with all the security patches released. Spear-phishing attacks have become increasingly “laser-focused,” with many campaigns aimed at only a small number of inboxes belonging to the targeted organization, according to a report published this week by Israel-based anti-email phishing solutions provider IRONSCALES. The company has analyzed data from 500,000 inboxes belonging to more than 100 of its customers over a period of 12 months. An evaluation of 8,500 emails that bypassed spam filters showed that roughly 77 percent of attacks targeted 10 inboxes or less, and one-third of malicious messages targeted only one inbox. Experts believe attackers have been targeting fewer inboxes as this can help their operation stay under the radar longer, and it increases their chances of success if the emails are “hyper-personalized.” The IRONSCALES study showed that 65 percent of email phishing attacks lasted for up to one month, and nearly half of them only lasted for less than 24 hours. Of the campaigns that went on for more than 30 days, roughly one-third spanned across 12 months or more. Researchers noticed that attackers have increasingly aimed blast campaigns, which are not tailored to the recipient, at less than 10 mailboxes at a time. On the other hand, malware drip campaigns, which are more personalized, are more successful at bypassing traditional spam filters and they typically last longer. According to the report, nearly 95 percent of phishing emails were part of highly targeted campaigns involving messages that impersonated someone from within the organization. Phishing emails that spoof a popular brand name are less common as they are more likely to be caught by spam filters - IRONSCALES noted that for every five brand-spoofing attacks detected by spam filters, 20 spear-phishing emails went undetected. The most targeted departments are operations and finance, and the most frequently spoofed brands are DHL and Google. “Sophisticated email phishing attacks represent the biggest threats to organizations of all sizes,” said Eyal Benishti, founder and CEO of IRONSCALES. “This report verifies that attackers have adopted numerous tools and techniques to circumvent traditional rules-based email security and spam filters. It’s now incumbent upon all organizational leaders to make sure that their employees are well-trained in phishing mitigation and that the cybersecurity technology in place is sophisticated enough to identify, verify and remediate email phishing attacks in real-time.” |