ICO Hit by 2650% Rise in Email Attacks

The UK’s Information Commissioner’s Office (ICO) experienced an astonishing 2650% increase in email attacks during 2021, according to official figures obtained by the Parliament Street think tank following a Freedom of Information request.

The figures revealed that email attacks targeting the UK’s privacy and data protection regulator surged from 150,317 in January to an incredible 4,135,075 in December. The data relates to the volume of phishing emails detected, malware detected and blocked and spam detected and blocked by the ICO for each month last year.

Spam emails represented the majority of the attacks, with cases surging by 2775% from January to December. Phishing emails also increased significantly during this period, by 20%, while malware soared by 423%.

The data showed a particularly large spike in email attacks in December, with 4,125,992 spam messages, 7886 phishing emails and 1197 malware instances. This surge is thought to be linked to the rapid spread of the Omicron variant in the UK at the end of last year, with threat actors able to leverage topics like testing and vaccines as a lure. This is in addition to Christmas scams in the build-up to the holiday period.

Edward Blake, area vice president EMEA of Absolute Software, commented: “Cyber-attacks are targeting organizations across the globe at an alarming rate, once again reminding businesses of the need to re-evaluate and revamp their security protection if it is not up to scratch.

“Cybersecurity is not just about protecting endpoints via anti-malware or email cybersecurity solutions. While these are important, there are now a variety of access points for cyber-criminals to capitalize on that IT leaders need to be aware of. These include vulnerable unpatched applications and network vulnerabilities, stolen or illegally purchased log-in credentials or even by hacking unprotected smart devices.”

Steven Peake, manager for Barracuda Networks, shared the similar concerns, remarking: “The pandemic continues to be a catalyst for opportunistic cyber-criminals to try and prey on unsuspecting, vulnerable people. Our recent research showed a 521% surge in COVID-19 test-related phishing attacks, so it is hardly surprising to see major organizations, such as the ICO, hit by such a high volume of threats as they represent lucrative targets. Phishing emails, malware and spam, in particular, account for a large proportion of the threats these organizations face, so they need to implement measures to protect themselves. These cyber-attackers aren’t going anywhere anytime soon.”

Last year, the UK government announced plans to revamp the structure of the ICO as part of plans to reform the nation’s data sector.

What’s Hot on Infosecurity Magazine?