When it comes to cybersecurity, email remains a prime attack vector for criminals. A full 90% of respondents in a recent survey whose organization experienced a spear phishing attack within the past year said that the attacks targeted employees’ email—at a cost that ranges into the millions per incident.
The survey, conducted by Vanson Bourne and sponsored by Cloudmark, found that in the past 12 months, spear phishing was responsible for 38 percent of cyber-attacks on their enterprises.
Further, the average financial cost of spear phishing attacks (in the last 12 months) among the 88 respondents who had suffered a spear phishing attack was $1.6 million. The vast majority were US companies. For the US businesses, the average cost of spear phishing attacks was $1.8 million.
As a result, IT professionals are also increasingly concerned about spear phishing attacks. Nearly three-quarters of IT decision makers feel that that spear phishing currently poses a significant threat to their organization. And it’s not an unfounded concern: Spear phishing attacks have been associated with multiple recent high-profile data breaches, including those experienced by Target, Sony and the Pentagon.
According to the survey, almost two thirds of IT decision makers interviewed say spear phishing ranks as either their organization’s top security concern (20 percent) or among their organization’s top three (42 percent) security concerns.
Spear phishing attacks can quickly yield valuable information such as user credentials to corporate or personal accounts, which attackers can leverage to gain additional insight into the target organization or individual, and to launch additional attacks that seek access to additional systems and services.
They’re also highly effective: According to Verizon’s 2015 Data Breach Investigations Report, nearly 50 percent of victims open phishing emails and click on the link within the first hour of receiving them.
“With the wealth of information about individuals and organizations now available online, cyber-criminals can easily craft targeted attacks to gain access to valuable personal and financial information. Spear phishing has emerged to become one of the largest threats facing enterprises today,” said George Riedel, CEO of Cloudmark. “Based on our conversations with customers, partners and enterprise IT decision makers, it is glaringly apparent that organizations across industries are struggling to combat spear phishing threats.”
When it comes to how effective businesses are in combatting spear phishing attacks, respondents estimated that 28 percent of spear phishing attacks were getting past their existing cyber defenses. In the US, the figure was higher, with IT decision makers estimating that 33 percent of spear phishing attacks are successfully reaching their intended targets. The most common types of attacks to their business were malware (34 percent), authentication credentials discovery (30 percent) and corporate information requests (25 percent). Nine percent also reported wire fraud attacks.
Respondents also reported that spear phishing attacks were increasingly directed at C-Suite executives, in a type of attack that’s sometimes called “whaling.” Twenty-seven percent said CEOs were targeted; the number reporting CFO attacks was 17 percent. Respondents reported that their organization had suffered an average of 10 attacks involving the spoofing of a CEO for financial gain within the last 12 months.
Cloudmark also announced Trident, a security platform that combines threat intelligence, anomaly detection, context analysis and behavioral learning to intercept spear phishing attacks. It identifies suspicious messages that may appear to be legitimate, including those with dangerous attachments and links, before they reach employees. It also works to detect spear phishing attacks often missed by Secure Email Gateway (SEG) solutions, including text-only attacks that have no URL or malicious attachment payloads. This includes impersonation attacks that often lead to wire fraud and the loss of millions of dollars, as well as the termination of executives who were deceived by attackers.
Photo © wk1003mike