CyberheistNews Vol 13 #21 [Double Trouble] 78% of Ransomware Victims Face Multiple Extortions in Scary Trend

Cyberheist News

CyberheistNews Vol 13 #21  |   May 23rd, 2023

[Double Trouble] 78% of Ransomware Victims Face Multiple Extortions in Scary TrendStu Sjouwerman SACP

New data sheds light on how likely your organization will succumb to a ransomware attack, whether you can recover your data, and what's inhibiting a proper security posture.

You have a solid grasp on what your organization's cybersecurity stance does and does not include. But is it enough to stop today's ransomware attacks? CyberEdge's 2023 Cyberthreat Defense Report provides some insight into just how prominent ransomware attacks are and what's keeping orgs from stopping them.

According to the report, in 2023:

  • 7% of organizations were victims of a ransomware attack
  • 7% of those paid a ransom
  • 73% were able to recover data
  • Only 21.6% experienced solely the encryption of data and no other form of extortion

It's this last data point that interests me. Nearly 78% of victim organizations experienced one or more additional forms of extortion. CyberEdge mentions threatening to publicly release data, notifying customers or media, and committing a DDoS attack as examples of additional threats mentioned by respondents.

IT decision makers were asked to rate on a scale of 1-5 (5 being the highest) what were the top inhibitors of establishing and maintaining an adequate defense. The top inhibitor (with an average rank of 3.66) was a lack of skilled personnel – we've long known the cybersecurity industry is lacking a proper pool of qualified talent.

In second place, with an average ranking of 3.63, is low security awareness among employees – something only addressed by creating a strong security culture with new-school security awareness training at the center of it all.

Blog post with links:

[Free Tool] Who Will Fall Victim to QR Code Phishing Attacks?

Bad actors have a new way to launch phishing attacks to your users: weaponized QR codes. QR code phishing is especially dangerous because there is no URL to check and messages bypass traditional email filters.

With the increased popularity of QR codes, users are more at risk of a phishing attack than ever. This puts your network in jeopardy!

Use our free QR Code Phishing Security Test to see which users will fall for a QR code phishing attack so you can train them to think twice before scanning QR codes and build a stronger security culture.

Here's How the QR Code Phishing Security Test works:

  • Immediately start your test for up to 100 users (no need to talk to a person)
  • Select from 35 languages and choose one of three templates
  • Choose from a "red flags missed" or a "404 error" landing page
  • Get a PDF emailed to you in 24 hours with your Phish-prone™ Percentage

Start Your QR Code Phishing Here!

[Mind Games] How You Can Fight Phishing Attacks That Surge 150% Per Year

The latest Phishing Activity Trends Report from the Anti-Phishing Working Group (APWG) shows an unrelenting upward trend in the number of phishing attacks per quarter.

Despite the alarm that the growth in the number of phishing attacks should generate, this report sheds some light on what seems to be working for cybercriminals if you dig a little deeper. According to the report:

  • The number of unique email subjects increased by 99.2%, totaling over 250,000 in Q4
  • The number of brands impersonated decreased slightly by 4% to 1780
  • The number of unique phishing websites increased slightly by 6% to just over 1.3 million

In essence, it appears that more unique campaigns are the answer – after all, there are only so many brands that have a broad appeal. It is interesting to see that the number of phishing websites is not increasing with the unique email subjects, although the "unique" email subjects may simply be variations on a theme aimed at using the same phishing website to capture credentials, banking details, etc.

The scarier part of this report is that 150% continual growth...

This growth is a mix of new threat actors getting into the game, improvements in the "as a service" of just about every facet of cyber attacks, and the fact that successful attacks are also increasing in numbers.

Organizations need to prevent these attacks before they truly start. And with the seemingly never-ending growth in phishing attacks, telling you to implement new-school security awareness training is sound advice.

[BUDGET AMMO] Blog post with links and graphs:

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.

Join us Wednesday, June 7, @ 2:00 PM (ET), for a live demonstration of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing.

Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users.

  • NEW! Executive Reports - Can create, tailor and deliver advanced executive-level reports
  • NEW! KnowBe4 Mobile Learner App - Users can now train anytime, anywhere!
  • NEW! Security Culture Benchmarking feature lets you compare your organization's security culture with your peers
  • Did you know? You can upload your own SCORM training modules into your account for home workers
  • Active Directory or SCIM Integration to easily upload user data, eliminating the need to manually manage user changes

Find out how 60,000+ organizations have mobilized their end-users as their human firewall.

Date/Time: Wednesday, June 7, @ 2:00 PM (ET)

Save My Spot!

KnowBe4 Celebrates Success of 60,000-Customer Milestone

We are thrilled to announce we have reached a milestone of 60,000 customer organizations globally, consisting of tens of millions of end users.

KnowBe4 is a customer-driven organization. I truly believe that without excellent customer service, we do not exist, which is why I regularly emphasize the importance of fantastic customer service in our daily, organization-wide meetings.

This milestone of reaching 60,000 customer organizations has come to fruition because we are consistent in our efforts to address the human layer of cybersecurity, growth is strong and customer service is a pillar of our organization.

KnowBe4 is consistently ranked high on customer review platforms such as Google, G2, TrustRadius, Gartner and others. We were recently recognized with a 2023 Top Rated award from TrustRadius. Our customer satisfaction rating remains high, consistently 98% or higher. KnowBe4's superior customer service has been recognized with many accolades, including as an award finalist for the upcoming SC Awards and US Customer Experience Awards.

Blog post continued:

[FREE RESOURCE KIT] Phishing Security Resources

Phishing emails increase in volume every month and every year, so we created this free resource kit to help you defend against attacks. Request your kit now to learn phishing mitigation strategies, what new trends and attack vectors you need to be prepared for, and our best advice on how to protect your users and your organization.

Here is what you'll get:

  • Access to our free on-demand webinar Your Ultimate Guide to Phishing Mitigation featuring Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist
  • Our most popular phishing whitepaper: The Comprehensive Anti-Phishing Guide
  • A video that explains How to Avoid Phishing Attacks
  • Our most recent quarterly infographic on Top-Clicked Phishing Email Subjects Infographic
  • Posters and digital signage to remind users about what to watch out for

Get Your Free Phishing Security Resources Now!

Let's stay safe out there.

Warm Regards,

Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.

PS: [FUTURE] TED Talk by OpenAI co-founder Greg Brockman: "The inside story of ChatGPT's astonishing potential":

PPS: [SCARY] New AI research lets you click and drag images to manipulate them in seconds:

Quotes of the Week  
"Some mischievous people always there. Last several thousand years, always there. In future, also."
- Dalai Lama

"Like arsenic, toxic people will slowly kill you. They kill your positive spirit and play with your mind and emotions. The only cure is to let them go."
- Denisse Lisseth

Thanks for reading CyberheistNews

You can read CyberheistNews online at our Blog

Security News

New "Greatness" Phishing-as-a-Service MFA Pass-thru Tool Aids in Attacks Against M365 Customers

This new phishing toolkit is rising in popularity for its effective realism in impersonating not just Microsoft 365, but the victim organization as well.

Security researchers at Cisco Talos have identified a new Microsoft 365 toolkit that actually creates a realistic login experience for the victim user, making it more dangerous to organizations.

The convincing impersonated login pages include:

  • Microsoft 365 branding and look-alike login page content
  • The victim's email address pre-filled
  • The victim organization's logo and background image (extracted from their real Microsoft 365 login page)

According to Cisco Talos, the target victim organizations were almost exclusively in the U.S., U.K., Australia, South Africa, and Canada, with the most commonly targeted sectors being manufacturing, healthcare and technology.

The attack actually does more than simply present the victim with a login page or ask them to enable macros. This sophisticated toolkit grabs a blurred image of an Excel spreadsheet with a superimposed box hosting a Microsoft 365 logo and a spinning wheel (as if to convey the document is trying to load). The victim is then presented with a Microsoft 365 login page already sitting at the "enter your password" stage:

Upon password entry, the toolkit attempts a login, and should multi-factor authentication (MFA) be enabled, performs a passthrough MFA attack, where the toolkit says **it is** sending the victim a code to their phone (when, in fact, Microsoft 365 is doing it). Once the code is entered into the toolkit, the code is passed through to perform the legitimate logon, giving attackers access to the Microsoft 365 account.

If there was ever a need for security awareness training to teach users to be mindful when interacting with unexpected inbound email that involves even the most believable user experience, this attack makes it clear that the time is now.

Blog post with links and screenshots:

Phishing Tops Global List with 81% as Both Initial Attack Vector and as Part of Cyberattacks

A new report covering 13 global markets highlights phishing prevalence and its role in cyber attacks when compared to other types of attacks.

It's difficult for me not to stand on my "phishing is still a big problem" soapbox when there exists stories and reports demonstrating that phishing continues to dominate as a security problem that isn't being properly addressed.

According to Infoblox's 2023 Global State of Cybersecurity Report, 81% of organizations experienced a phishing attack within the last 12 months, with 60% of successful data breaches also including phishing as part of the attack.

Phishing continues to lead as the most ubiquitous attack vector in cyber attacks today, according to Infoblox. Here are the percentages for other types of attack vectors:

  • Network attacks – 66%
  • Application attacks – 56%
  • Cloud attacks – 56%
  • Device/Endpoint attacks – 55%
  • Ransomware attacks – 53%
  • Supply Chain attacks – 50%

The 81% of organizations experiencing phishing attacks dwarfs the other attack vectors, making it clear that your organization needs to make phishing a priority, putting solutions, platforms, policies, and processes in place – which should include new-school security awareness training – to ensure that no single malicious email has the ability to engage with your users and be the catalyst for a successful cyber attack.

Blog post with links:

What KnowBe4 Customers Say

"Hi Nette, I wanted to express my gratitude for your assistance today, I am setting up two critical security programs for the city, the 'Threat & Vulnerability Management' program and the 'Managing Human Risk' program.

Your contribution has been invaluable, and I cannot thank you enough for helping me with the Managing Human Risk side of things. I feel much more at ease now that the Managing Human Risk program is taking shape, and I feel confident that I have greater control over the program. Your expertise and passion for managing and configuring our primary software solution for this program have been instrumental in making this happen.

Thank you once again for your exceptional help. I wish you a relaxing and peaceful weekend, and I look forward to speaking with you again soon."

- M.C., IT Security Administrator, IT

The 10 Interesting News Items This Week
  1. Software Supply Chain Attacks Hit 61% of Firms:

  2. Senate Bill Looks to Train AI-Ready Workforce, Focus on Risk Mitigation:

  3. The Philadelphia Inquirer's operations continue to be disrupted by a cyber incident:

  4. Maps of Vladimir Putin's secret underground lair leaked:

  5. Malware turns home routers into proxies for Chinese state-sponsored hackers:

  6. Security Week: ChatGPT's Chief Testifies Before Congress, Calls for New Agency to Regulate Artificial Intelligence:

  7. Pentagon Hacking Fears Fueled by Microsoft's Monopoly on Military IT:

  8. FBI confirms BianLian ransomware switch to extortion only attacks:

  9. Hackers Use Fake QuickBooks Software to Gain Remote Session on the Victim's Machine:

  10. China cracks down on AI-generated news anchors:

Cyberheist 'Fave' Links
This Week's Links We Like, Tips, Hints and Fun Stuff

Topics: Cybercrime, KnowBe4

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews