New insight into the state of the attacks and threats paints a picture where the cybercriminals are growing in number, sophistication and successes, while victims just sit back seemingly helpless.
It’s never a good thing when you read a report and nearly every stat points to cybercriminals getting better at their craft. But that’s exactly what we’re seeing with security vendor CrowdStrike’s 2022 Global Threat Report. According to the report, we’re seeing growth across the board:
- The number of tracked cybercriminal groups has increased by 170%
- Data leaks have become ubiquitous with ransomware attacks
- The time it takes to break out from an initially-compromised endpoint to the rest of a victim’s network is 1 hour and 32 minutes
- Interactive intrusions (those with a live threat actor involved) increased 45%
What all this data points to is that threat actors and the cybercriminal groups they belong to are honing their craft much faster than security vendors are improving their product. This doesn’t mean we should give up; but it does mean you need to get smarter with your cybersecurity strategy to specifically stop threat actions using a layered approach that logically addresses each part of an attack.
One of the most commonly neglected parts of an attack is the phishing emails that make their way to the Inbox. Should a malicious email find itself in an Inbox, the only remaining layer of defense is the vigilant user who has undergone Security Awareness Training and knows how to identify the malicious link or attachment. By doing so, the user does not enable the attack to continue and stops the attack in its tracks.