One of my favourite websites is archive.org (OK, so I'm a nerd). For anybody not familiar with this site, it's basically a time machine that lets you go back and look at just about any website from a point in time over the past 20-odd years.
Recently I came across a story on the BBC website from June 2000 that caught my attention. At the time, the BBC referred to America Online (AOL) as the biggest, richest, and most successful internet company in the world. Yet somehow, they had been hit by hackers and a number of customer accounts had been compromised.
One paragraph in particular left me with a sense of déjà vu:
“The people behind the attack targeted AOL customer service representatives with e-mails containing a virus attachment. When opened, it created a connection to the sender’s computer and allowed access to some AOL accounts, including the customer’s name, address and credit card details.”
It struck me that with an update to the language and technical terms, a change of company name, and a current web page style sheet, this same story wouldn't look out of place in July 2020.
Twenty years on, companies are still being attacked, customer account details and other sensitive information are still being stolen, data is still being encrypted with ransomware, and users are still clicking on links in emails that instruct them to “click here to update your VPN credentials.”
Phishing (and derivatives such as smishing or vishing) remains the attack beachhead for many of the cyberattacks we investigate week in, week out.
Here are five key reasons why I believe that even 20 years on from AOL being hit by hackers, businesses are still struggling to adequately defend this attack beachhead, and why the problem has become even worse in 2020.
Remote working has dramatically increased the phishing attack surface
The dramatic and sudden shift to home-based working since March has significantly changed the way that many of us work. However, based on Akamai's research, this shift has also seen a huge change in the types of content that users are now accessing on their corporate devices. For example, based on analysis of traffic from our Enterprise Threat Protector secure web gateway service between March 9 and May 11, there was a 37% increase in requests to social websites and a 134% increase in traffic to streaming websites. Moreover, there was an astonishing 447% increase in requests to websites that were potentially malicious.
In other words, corporate devices are now also personal devices; as a result, users are now accessing content on these devices that they would be unlikely to access in an office environment. That blurring of business and personal browsing opens up a huge attack surface for phishing attacks.
Phishing is no longer just about email
Not limiting themselves to email, attackers are now exploiting popular social media networks, instant messaging applications, and online file-sharing services. Facebook, Slack, Microsoft Teams, Dropbox, Google Docs, and other popular platforms are now serving as the criminals' initial point of penetration into the enterprise. These channels are much more personal; they invite sharing and widespread distribution, so phishing can propagate exponentially. While email still remains route one, combine the previous point about the blurring of business and personal web browsing with this move to other channels, and the result is a set of new security challenges.
Attacks have become industrialized
Phishing attacks are now being created and executed on an industrial scale, and are increasingly using highly sophisticated off-the-shelf phishing kits that allow them to be delivered as very targeted, short-lived attacks. These campaigns direct victims to a phishing web page that is an exact copy of a consumer or enterprise brand's website. So, for example, it's relatively cheap and easy to launch a phishing campaign that takes users to an exact replica of a Microsoft 365 login page. All it takes is one user to unsuspectingly hand over their credentials and it can be game over.
The “hackers” are always one step ahead
Because there's money to be made in cybercrime, there's a huge motivation for the attackers to continually innovate, and it can often appear as if the attackers are always one step ahead when it comes to phishing. They're quick to find loopholes and vulnerabilities, and to exploit them. For example, in the past 12 months, attackers have used a slew of different techniques to obfuscate their attacks and bypass phishing defenses. These include the use of zero-width characters, URL redirection, Google Translate, and base HTML elements. It's a continuous arms race between the attackers and the defenders. As security vendors address the latest exploits for bypassing email gateways, the attackers are already developing new techniques to continue to get through the door.
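The four evasion techniques named above (zero-width characters, URL redirection, Google Translate proxying, and HTML base elements) each leave a trace that a mail gateway or SOC triage script can flag. The Python below is an added example written for this article, not Akamai's or Enterprise Threat Protector's code: it scans a constructed HTML email body for each pattern and returns a list of findings. The sample messages and host names are constructed for the example, and the translate.goog suffix is an assumption about the proxy's hostname pattern that you should confirm against your own gateway logs.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse, parse_qs

# Zero-width code points render as nothing but break naive keyword matching
# ("pass\u200bword" no longer matches a "password" rule).
ZERO_WIDTH = "\u200b\u200c\u200d\u2060\ufeff"
_ZW_RE = re.compile("[%s]" % ZERO_WIDTH)

# Assumption: hostnames used by the Google Translate web proxy.
TRANSLATE_HOSTS = ("translate.google.com", "translate.goog")


def strip_zero_width(text):
    """Normalise text so downstream keyword rules see what the reader sees."""
    return _ZW_RE.sub("", text)


class _LinkCollector(HTMLParser):
    """Collect <a href> and <base href> values from an HTML body."""

    def __init__(self):
        super().__init__()
        self.hrefs = []
        self.base_hrefs = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a" and attrs.get("href"):
            self.hrefs.append(attrs["href"])
        elif tag == "base" and attrs.get("href"):
            self.base_hrefs.append(attrs["href"])


def _is_translate_host(host):
    return any(host == h or host.endswith("." + h) for h in TRANSLATE_HOSTS)


def _embedded_urls(query):
    """Absolute URLs carried inside a query string: the open-redirect pattern."""
    found = []
    for values in parse_qs(query).values():
        for v in values:
            if v.lower().startswith(("http://", "https://")):
                found.append(v)
    return found


def scan_html_email(body):
    """Return a list of (kind, detail) findings for one HTML email body."""
    findings = []
    if _ZW_RE.search(body):
        findings.append(("zero_width", "%d zero-width characters" % len(_ZW_RE.findall(body))))
    collector = _LinkCollector()
    collector.feed(body)
    for base in collector.base_hrefs:
        # <base> makes every relative href resolve against another host, so a
        # scanner that only inspects absolute hrefs never sees the real target.
        findings.append(("base_href", base))
    for href in collector.hrefs:
        u = urlparse(href)
        host = (u.hostname or "").lower()
        if host and _is_translate_host(host):
            findings.append(("translate_proxy", href))
            continue
        for target in _embedded_urls(u.query):
            findings.append(("nested_redirect", target))
    return findings


# Constructed sample messages (not real mail).
SAMPLE_CLEAN = (
    '<html><body><p>Hi, see <a href="https://intranet.example.com/report">'
    "the report</a>.</p></body></html>"
)
SAMPLE_SUSPECT = (
    '<html><head><base href="https://login-verify.example.net/"></head><body>'
    "<p>Your pass\u200bword expires today. "
    '<a href="account/reset">Reset now</a>. Or via '
    '<a href="https://translate.google.com/translate?u=https://login-verify.example.net/x">this link</a> or '
    '<a href="https://cdn.example.org/redirect?url=https%3A%2F%2Flogin-verify.example.net%2Fy">here</a>'
    "</p></body></html>"
)

if __name__ == "__main__":
    for name, sample in (("clean", SAMPLE_CLEAN), ("suspect", SAMPLE_SUSPECT)):
        print(name, scan_html_email(sample))
```

Each finding kind maps to one technique from the article: `zero_width` and `base_href` are cheap to check on every inbound message, while `translate_proxy` and `nested_redirect` are worth routing to secondary URL analysis rather than blocking outright, since legitimate mail also uses redirectors.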
People are still the weakest link
Despite companies investing considerable effort in security awareness training, many employees are still unsuspectingly clicking on links or opening attachments in emails. At the 2019 Black Hat security conference, a Google researcher reported that 45% of internet users still don't know what phishing is. That's a pretty staggering statistic given how long phishing has been around and how much time and effort has been expended in educating users about phishing. Put that statistic alongside the growing phishing attack vectors and the change in user behaviour due to home working, and it's a worrying combination. Who wouldn't be tempted to open an email with a subject line of “Your COVID-19 Test Results” and click on the link or open the attached PDF?
For more information, visit akamai.com/etp.
*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by Jim Black. Read the original post at: http://feedproxy.google.com/~r/TheAkamaiBlog/~3/DIuQ6c6dPH4/tale-of-the-tape-top-5-reasons-phishing-attacks-havent-dried-up.html