The 2019 Verizon Data Breach Investigations Report came out last month and provided us with some interesting data points worth discussion.
The report is a study of nearly 42,000 security incidents covering more than 2,000 data breaches. In their 2018 report, Verizon noted that over 90 percent of breaches start with a phishing attack, and this year phishing is again one of the top threat actions – no surprise there to those on the front lines. Phishing is also the top social engineering attack type by far, which should be troubling for those organizations that rely on traditional network security protocols and tools, since these attacks tend to target and manipulate human behavior. Cited also was the fact that financial gain is leading the way in terms of motivation for attacks, so it’s no wonder that the C-suite is finding themselves in the crosshairs of many threat actors.
This year’s Verizon report showed that social engineering threats that target the C-suite were up 12-fold over 2018 levels. Frequently the social engineering phishing attacks came in the form of emails that appeared to be from one C-level executive to another – often a CFO with access to financial assets. Since these C-level executives have further reaching access to sensitive company data and financial access, and since these executives are rarely challenged over their actions in the near-term, they are growing as a target.
Dave Hylender, a senior risk analyst at Verizon, was recently quoted in a Dark Reading article on these C-level attacks:
“They have greater privileges so they can approve things without having to go through a chain of command. Executives have so many things going across their desks every day and often have to quickly deal with several issues demanding their attention. As a result, they may not be as sensitive to fraudulent emailed requests and approve attackers’ demands.”
As we’ve blogged about consistently (and persistently), the human element plays a major role in the success of today’s phishing attacks, making it the attack vector of choice for today’s threat actors. Bryan Sartin, an executive with Verizon had this to say:
“As businesses embrace new digital ways of working, many are unaware of the new security risks to which they may be exposed. They really need access to cyber detection tools to gain access to a daily view of their security posture, supported with statistics on the latest cyber threats. Security needs to be seen as a flexible and smart strategic asset that constantly delivers to the businesses and impacts the bottom line.”
While a daily view of cyber threats is great, it may still not be enough with today’s fast-moving phishing threats, some of which are active for just hours. The time-to-discovery deficit is becoming a major security concern for organizations. Two different studies indicate that the speed of automation is the most likely way to combat detection deficit. SlashNext Real-Time Phishing Threat Intelligence identifies live zero-hour threats in real-time and allows organizations to respond in real-time with automated blocking through their firewall.
In addition, our Targeted Phishing Defense solution protects against previously unknown C-level social engineer attacks. Its automated and uses real-time detection to identify data exfiltration, C2 communications and phishing threats that slower technologies seem to miss.
You can check this technology out yourself. Contact us to learn more or try SlashNext Real-Time Phishing Threat Intelligence free for 15 days.