cyber trends
Many – if not most – phishing emails today are sent by cybercriminals as a launchpad for the latest cyberattack trend : double-extortion ransomware .
victim , the attackers also threatened to leak stolen data onto the Internet . The intention of double-extortion ransomware attacks is to shame victims into paying a ransom , even if the appropriate backups are in place to mitigate a traditional ransomware attack .
Many double-extortion ransomware attacks lead to sensitive data being publicised on social media . In mid-2020 , there has been an increasing trend for the publication of screenshots of the stolen data by cybercriminals and security researchers . This means that often the first public indication that an organisation has been hit by ransomware will be stolen sensitive information appearing on social media .
Adapting to keep cybercriminals at bay of advice for how to adapt to keep cybercriminals at bay : implementing multi-factor authentication for mail filtering software . In 2020 , there really is no good reason for not using multi-factor authentication to control access across an organisation ’ s entire infrastructure . Cybercriminals can and will exploit any vector they can to launch cyberattacks across an organisation ; multi-factor authentication makes their jobs much , much harder .
But the latest phishing trends also warrant a broader assessment of an organisation ’ s cybersecurity posture . Here are four ways organisations can protect themselves more effectively from the latest phishing trends and other cyberattacks :
1 . Implement multi-factor authentication – Using multifactor authentication for access to Microsoft 365 and other accounts will repel the vast majority of cyberattacks .
2 . Email security – Email is by far the number one vector for attackers to infiltrate organisations ’ networks and phishing emails are the number one threat in the email space . Organisations should incorporate a robust email security solution to protect themselves from such attacks .
3 . Educate employees – Proper and ongoing education of employees around the evolving threat landscape will ensure they are able to identify and address phishing emails when they slip through the net and enter their mailboxes .
4 . Notification – If a breach has been detected in an organisation , the organisation should make sure to notify all of its business partners as well – any delay in notification only works for the benefit of the attacker .
Adapting to phishing trends
As we transition into the ‘ new normal ’ way of working together , we should all be proactive in our approach to handling the cyberthreats we face .
By understanding developing phishing trends and other cyberattack methods , we can implement measures to keep cybercriminals at bay and protect our organisations from financial , operational and reputational damage . u
Double-extortion ransomware attacks are a relatively recent development in the cybersecurity landscape . By adding a layer of reputational damage that goes beyond typical phishing and ransomware attacks , they present an even greater risk to target organisations . As many of these attacks use phishing emails as a launchpad , organisations should be proactive in their approach to cybersecurity if they are to remain safe from compromise .
If you ’ ve been playing along at home , you can probably guess the first piece
www . intelligentciso . com | Issue 30
21