Report: You're Not Ready for Malware Attacks
Most security reports that are put out by IT security companies are basically thinly veiled advertisements for a service that they provide. However, every year Verizon puts out a comprehensive one of their own that lays out the state of internet security and data breaches.
Working with 67 organizations including the US Secret Service, the US Emergency Computer Readiness Team, Kaspersky Lab, Cisco Security Service, and others, the 85 page report found that when it comes to phishing attacks not only are they increasing in number, but thanks to a lack of preparedness, they are becoming more effective. As it turns out the number of phishing emails that were opened has gone up from 23% to 30% over the course of the last year, with 13% of those people opening the malicious link or attachment.
One of the most important things to come out of the report is the prevalence of a new three pronged attack pattern that is becoming more commonly used by cybercriminals. First, they send out a phishing email with a link to a malicious website or containing a malicious attachment. Second, after the link is clicked or the attachment is opened malware is downloaded onto the victim’s computer. That bit of malware opens the door for other malware to be downloaded in order to scour the system for useful data, files to encrypt, or to steal passwords/credentials via a key logger. Finally, these stolen credentials are then used to access a third-party, such as retail or financial sites.
As far as prevention goes, the report pointed out that organizations need to be aware of attack patterns that are common within their specific industry. Simple, consistently executed protocols work better overly complex ones since employees are an organizations first line of defense.
Like in every other aspect of web security it’s a good idea to use multi-level authentication and be on the lookout for spoofed email addresses. They need to be running the latest version of their operating system and that their anti-malware software is up to date.
Monitor logs so that when malicious activity occurs, they know it.
Restrict who has access to an organization’s data and make sure that data is encrypted. That way if data is stolen, the damage is limited and much more difficult to access.
Finally, businesses and organizations need to train their employees to be able to recognize social engineering attacks and phishing emails. Most malware and ransomware attacks start here and it’s far easier to defend against them if employees aren’t opening the door to cybercriminals in the first place.